www.telegramhcn.com
Open in
urlscan Pro
172.67.130.15
Malicious Activity!
Public Scan
Effective URL: https://www.telegramhcn.com/
Submission: On July 01 via api from US — Scanned from DE
Summary
TLS certificate: Issued by WE1 on June 20th 2024. Valid for: 3 months.
This is the only time www.telegramhcn.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 30 | 172.67.130.15 172.67.130.15 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 172.67.156.2 172.67.156.2 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
31 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
30 |
telegramhcn.com
1 redirects
www.telegramhcn.com |
337 KB |
2 |
dcobxs.com
web.dcobxs.com |
23 KB |
31 | 2 |
Domain | Requested by | |
---|---|---|
30 | www.telegramhcn.com |
1 redirects
www.telegramhcn.com
|
2 | web.dcobxs.com |
www.telegramhcn.com
web.dcobxs.com |
31 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
twitter.com |
apps.apple.com |
web.telegram.org |
core.telegram.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
telegramhcn.com WE1 |
2024-06-20 - 2024-09-18 |
3 months | crt.sh |
dcobxs.com WE1 |
2024-06-25 - 2024-09-23 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.telegramhcn.com/
Frame ID: 210A6635EDA31CCDECB501E7108DC26E
Requests: 29 HTTP requests in this frame
Frame:
https://www.telegramhcn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
Frame ID: 2306F6525A7CBD90456C959916264D3D
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Telegram-Telegram中文版Page URL History Show full URLs
-
http://www.telegramhcn.com/
HTTP 307
https://www.telegramhcn.com/ Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Twitter
Search URL Search Domain Scan URL
Title: Telegram iPhone/iPad
Search URL Search Domain Scan URL
Title: 网页版
Search URL Search Domain Scan URL
Title: 开发平台
Search URL Search Domain Scan URL
Title: API
Search URL Search Domain Scan URL
Title: 通讯协议
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.telegramhcn.com/
HTTP 307
https://www.telegramhcn.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 28- https://www.telegramhcn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://www.telegramhcn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
www.telegramhcn.com/ Redirect Chain
|
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style.css
www.telegramhcn.com/skin/css/ |
44 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-2.2.4.min.js
www.telegramhcn.com/skin/js/ |
84 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
navright1.png
www.telegramhcn.com/static/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
navright.png
www.telegramhcn.com/static/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
www.telegramhcn.com/static/images/ |
11 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
session2left.jpg
www.telegramhcn.com/static/images/ |
145 KB 145 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
session2right.jpg
www.telegramhcn.com/static/images/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
session3.jpg
www.telegramhcn.com/static/images/ |
27 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
window.jpg
www.telegramhcn.com/static/images/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i9.gif
www.telegramhcn.com/static/images/ |
574 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i8.gif
www.telegramhcn.com/static/images/ |
1 MB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i7.gif
www.telegramhcn.com/static/images/ |
1006 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i6.gif
www.telegramhcn.com/static/images/ |
1022 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i5.gif
www.telegramhcn.com/static/images/ |
638 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i4.gif
www.telegramhcn.com/static/images/ |
878 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i3.gif
www.telegramhcn.com/static/images/ |
846 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i2.gif
www.telegramhcn.com/static/images/ |
878 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i1.gif
www.telegramhcn.com/static/images/ |
510 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1712857917188837.jpg
www.telegramhcn.com/static/upload/image/20240412/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1712857691304410.jpg
www.telegramhcn.com/static/upload/image/20240412/ |
6 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
custom.js
www.telegramhcn.com/skin/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
side.js
www.telegramhcn.com/skin/js/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hc-sticky.js
www.telegramhcn.com/skin/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.telegramhcn.com/Spider/ |
0 428 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
skin.css
www.telegramhcn.com/skin/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
matomo.js
web.dcobxs.com/ |
66 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
matomo.php
web.dcobxs.com/ |
0 427 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
session2i.png
www.telegramhcn.com/static/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
www.telegramhcn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/ Frame 2306 Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
89c5282bee5c362d
www.telegramhcn.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2306 |
0 684 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telegram (Instant Messenger)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 undefined| event object| fence object| sharedStorage function| $ function| jQuery function| navright object| _paq object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log function| switchNightMode object| _topnews undefined| _topnews_li undefined| m undefined| timer function| movenews4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.telegramhcn.com/ | Name: lg Value: cn |
|
www.telegramhcn.com/ | Name: _pk_id.19.0c0d Value: 9e2b4878f88daeec.1719823916. |
|
www.telegramhcn.com/ | Name: _pk_ses.19.0c0d Value: 1 |
|
.telegramhcn.com/ | Name: cf_clearance Value: WOL8FPEN4Kpifr77LCZoS4UpGhggef2j66kdVg4XYpU-1719823917-1.0.1.1-ZuLUKZyCj5ECzGvec9tws.K3FbTtE4KlVd1XCnz2Y2QaFSlI4TTleQbhoE.iSG7VmN90mHHC8OunZCcvBbKHDQ |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
web.dcobxs.com
www.telegramhcn.com
172.67.130.15
172.67.156.2
0124d2d9ac5be5a7f5201467923786211749eda73a948b7a5691d4eb197198c3
33d6be96b9ceed78dc9b32bb3fcdf2814836635d2d376d746f42728c35538f9e
389eb664948dda8c5afdd43719ddfcee49d1332a1306dd717c8505755482cf51
5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc
5d0c4939a51a164a3067d43c5071f3b9b468c4b73fa9d27c811fdbcac2ca431e
602b040f55434b5d450a22cf7fe0a3606b47d5d730f1abce67211c55f3601cb4
759e0076e4eabe5d904a07298963aa8fcb709d07618aa14c61d853430e0b3b73
88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9
97b9d0e9507908e15635de9319606f2e09e76e73e43ef0913a0d1e93d6ebb475
9fdff231d46f09b29510ef4adc80a4dbae646c9d3da770dfe3c7a9672f48269a
a511b7c40a9fc94845eeb06c5cba9874f9cf55a72b650e47729537d538f62f45
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
be0d7af2971baf50358dd1560c353cf6795d0d4e6b85388023a5719b12c9ee35
c443c78239489b2ee75618b26460dae55a87a132b74807780ceab30130eb7a68
cb3fdae01e5edfb32565c5f7b592bc7ca850cba92565ff12f020df68570481e8
d04da8f67dd05731b0d944e1109ba0859dac96ecce7365396dc7dbc08afc6eda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d23b06a4ffd600558e5443d1e32daaaf13a27cf7bb8b7cc163a92b4054aaf2
ec8132006658a384133b299a23e236f5b9f410be226e64a6e50cf4a6ca851cbd
f123a86b52bc881b75b0afe9201a8cf1ed563c59e44b84c2c21f58e80ce3b44b