wtelegram.com
Open in
urlscan Pro
134.122.135.241
Malicious Activity!
Public Scan
Submission: On November 13 via api from IN — Scanned from DE
Summary
This is the only time wtelegram.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 134.122.135.241 134.122.135.241 | 64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN) | |
2 | 103.235.46.191 103.235.46.191 | 55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.) | |
20 | 3 |
ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
wtelegram.com
wtelegram.com |
23 MB |
2 |
baidu.com
hm.baidu.com — Cisco Umbrella Rank: 9830 |
12 KB |
20 | 2 |
Domain | Requested by | |
---|---|---|
18 | wtelegram.com |
wtelegram.com
|
2 | hm.baidu.com |
wtelegram.com
|
20 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
baidu.com GlobalSign RSA OV SSL CA 2018 |
2023-07-06 - 2024-08-06 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://wtelegram.com/
Frame ID: E63C5AA1805AFB6BBCCE8868E142E0F4
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
telegram中文版官网Detected technologies
Vue.js (JavaScript Frameworks) ExpandDetected patterns
- <[^>]+\sdata-v(?:ue)?-
Baidu Analytics (百度统计) (Analytics) Expand
Detected patterns
- hm\.baidu\.com/hm\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
wtelegram.com/ |
594 B 840 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.3dc508817cd10c531f59b4639080e7da.css
wtelegram.com/static/css/ |
292 KB 55 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
manifest.3ad1d5771e9b13dbdad2.js
wtelegram.com/static/js/ |
800 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor.2cb438234692d1966c4c.js
wtelegram.com/static/js/ |
1012 KB 294 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.7bd914cf825a05508162.js
wtelegram.com/static/js/ |
88 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hm.js
hm.baidu.com/ |
29 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home_logo.2c84be4.png
wtelegram.com/static/img/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SiteDesktop.18accec.png
wtelegram.com/static/img/ |
96 KB 96 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SiteAndroid.f5eb8dc.jpg
wtelegram.com/static/img/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SiteiOS.89486a0.jpg
wtelegram.com/static/img/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
list-pic21.cbd2d6a.gif
wtelegram.com/static/img/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
list-pic22.9f6cb1e.gif
wtelegram.com/static/img/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
list-pic23.999ccb0.gif
wtelegram.com/static/img/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
list-pic24.e60746b.gif
wtelegram.com/static/img/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
list-pic25.6a88bbd.gif
wtelegram.com/static/img/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
list-pic26.14c0a01.gif
wtelegram.com/static/img/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
list-pic27.3ca4222.gif
wtelegram.com/static/img/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
list-pic28.21528f5.gif
wtelegram.com/static/img/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
list-pic29.5433cf6.gif
wtelegram.com/static/img/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 2 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hm.gif
hm.baidu.com/ |
43 B 299 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telegram (Instant Messenger)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| webpackJsonp object| less object| __core-js_shared__ boolean| _bdhm_loaded_c7666ce18e709f539802661fd882b54c object| _hmt object| mini_tangram_log_kvk5y13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.hm.baidu.com/ | Name: HMACCOUNT_BFESS Value: E4C7C4142E3A4484 |
|
.wtelegram.com/ | Name: Hm_lvt_c7666ce18e709f539802661fd882b54c Value: 1699885327 |
|
.wtelegram.com/ | Name: Hm_lpvt_c7666ce18e709f539802661fd882b54c Value: 1699885327 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
hm.baidu.com
wtelegram.com
103.235.46.191
134.122.135.241
10a3e8b85849367ab90ac3dca9839f84b60e13d0db9e77de916631fcd5ba245d
116029bd091ec390064879df7dad05e601e284413f53b9d51978875b85dc7471
14a2305836672a29d389797d6f6a6c7a395cf6d60d326b4858fcc183ef4e9025
15a94720d72ed1727fb281ed4af914e17cd8166bb18f5a8484f32f9faff4f365
15d01829fac9057a922b9168d68d9ea940d7612b0128ae9b67fe69a1dd10e62d
321fb7936dada76ce957347f61cd05be88581c5c3532d5cf87d346ba677474f6
3da30018745ee9d2032bb71f2907a2fa3647d1660d402200d35f161854b0ef48
501f30155de6af28878364dadf8a702702cfd1fd80fa4c7baeece9ef316a5a48
58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4
5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc
63473a16bc40fa486091235e0a7ede9ab5e6018234f42886d0691e9bf6b2a372
65f441c17c10c0ab2b1657394d2608b1eec0efa71c023d854b461abb37f3e62d
77b87f2e8468b07df6dcb7c12fe7cedc619153bb8489b20e12fb5092136cc948
7afd7c9f6c8f225385a8a520345f811b3a142542ae22f4898e4795e30f887fd0
8366febe886ee8ae253f20b215494a45e59f420ccd655bcefd898ddd8df89d22
88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9
abdbfc359a2954fadb7d335a20c2ae29cc5b00dbd538e88b03d612f978654e45
b285715d34361c4fed5058a10eb830bf2dd61126518477ded340dd7f95221417
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf558500dbe2e3cf7010750521a7d457d8ab7a4eef3fca27b17ff26a1f242641
e21cceb8262a91f878fe4e5202139793e9cd3a02da2dd08d2dc4180cd29ac402
eb76a2cff30ac67849281f48ec2eb3b6e06ec23c55c597bda95374e90d08c4fa
f8152a8d500807f824571c3256320bbf578cdce88d45d0fd048a6422f71c272b