![](/screenshots/5c8ea0f2-2c07-4d48-af3e-aafb897b60c0.png)
www.telegramhcn.com
Open in
urlscan Pro
2606:4700:3036::6815:316
Malicious Activity!
Public Scan
Effective URL: https://www.telegramhcn.com/
Submission: On May 13 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on April 22nd 2024. Valid for: 3 months.
This is the only time www.telegramhcn.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 2606:4700:303... 2606:4700:3036::6815:316 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 26 | 172.67.130.15 172.67.130.15 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:303... 2606:4700:3034::ac43:9c02 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
32 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
31 |
telegramhcn.com
1 redirects
www.telegramhcn.com |
23 MB |
2 |
dcobxs.com
web.dcobxs.com |
22 KB |
32 | 2 |
Domain | Requested by | |
---|---|---|
31 | www.telegramhcn.com |
1 redirects
www.telegramhcn.com
|
2 | web.dcobxs.com |
www.telegramhcn.com
web.dcobxs.com |
32 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
twitter.com |
apps.apple.com |
web.telegram.org |
core.telegram.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
telegramhcn.com GTS CA 1P5 |
2024-04-22 - 2024-07-21 |
3 months | crt.sh |
dcobxs.com GTS CA 1P5 |
2024-04-27 - 2024-07-26 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.telegramhcn.com/
Frame ID: 1E46EA87E7F3CCC11F6ACC30D59F4577
Requests: 30 HTTP requests in this frame
Frame:
https://www.telegramhcn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
Frame ID: A828C2A9234DC99F8479D2B15F8853DD
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/5c8ea0f2-2c07-4d48-af3e-aafb897b60c0.png)
Page Title
Telegram-Telegram中文版Page URL History Show full URLs
-
http://www.telegramhcn.com/
HTTP 307
https://www.telegramhcn.com/ Page URL
Detected technologies
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Twitter
Search URL Search Domain Scan URL
Title: Telegram iPhone/iPad
Search URL Search Domain Scan URL
Title: 网页版
Search URL Search Domain Scan URL
Title: 开发平台
Search URL Search Domain Scan URL
Title: API
Search URL Search Domain Scan URL
Title: 通讯协议
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.telegramhcn.com/
HTTP 307
https://www.telegramhcn.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 27- https://www.telegramhcn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://www.telegramhcn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.telegramhcn.com/ Redirect Chain
|
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.telegramhcn.com/skin/css/ |
44 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-2.2.4.min.js
www.telegramhcn.com/skin/js/ |
84 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navright1.png
www.telegramhcn.com/static/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navright.png
www.telegramhcn.com/static/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
www.telegramhcn.com/static/images/ |
11 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
session2left.jpg
www.telegramhcn.com/static/images/ |
145 KB 145 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
session2right.jpg
www.telegramhcn.com/static/images/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
session3.jpg
www.telegramhcn.com/static/images/ |
27 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
window.jpg
www.telegramhcn.com/static/images/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i9.gif
www.telegramhcn.com/static/images/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i8.gif
www.telegramhcn.com/static/images/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i7.gif
www.telegramhcn.com/static/images/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i6.gif
www.telegramhcn.com/static/images/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i5.gif
www.telegramhcn.com/static/images/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i4.gif
www.telegramhcn.com/static/images/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i3.gif
www.telegramhcn.com/static/images/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i2.gif
www.telegramhcn.com/static/images/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
section4i1.gif
www.telegramhcn.com/static/images/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1712855691142296.jpg
www.telegramhcn.com/static/upload/image/20240412/ |
9 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1712855483179831.jpg
www.telegramhcn.com/static/upload/image/20240412/ |
61 KB 61 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
custom.js
www.telegramhcn.com/skin/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
side.js
www.telegramhcn.com/skin/js/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hc-sticky.js
www.telegramhcn.com/skin/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.telegramhcn.com/Spider/ |
0 431 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
skin.css
www.telegramhcn.com/skin/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
matomo.js
web.dcobxs.com/ |
65 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
session2i.png
www.telegramhcn.com/static/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
www.telegramhcn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/ Frame A828 Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
matomo.php
web.dcobxs.com/ |
0 362 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
www.telegramhcn.com/ |
4 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
8832d619583e9235
www.telegramhcn.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame A828 |
0 604 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telegram (Instant Messenger)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| $ function| jQuery function| navright object| _paq function| switchNightMode object| _topnews undefined| _topnews_li undefined| m undefined| timer function| movenews object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.telegramhcn.com/ | Name: lg Value: cn |
|
www.telegramhcn.com/ | Name: _pk_id.19.0c0d Value: 3fb8c53a456e9b6c.1715605278. |
|
www.telegramhcn.com/ | Name: _pk_ses.19.0c0d Value: 1 |
|
.telegramhcn.com/ | Name: cf_clearance Value: 1hnvEDZu2nLMfRdXwxdPH.Go4LhbcAZrwLi8B6TMJL8-1715605279-1.0.1.1-fyTLfDciZEhG8WSe2FtYdTtkY15Yxp5HXyC2fDgh_s_.r5bFUWPEKR24G_JbwpxCXLk5LnUqmIZyZHR7TmgPdw |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
web.dcobxs.com
www.telegramhcn.com
172.67.130.15
2606:4700:3034::ac43:9c02
2606:4700:3036::6815:316
116029bd091ec390064879df7dad05e601e284413f53b9d51978875b85dc7471
15d01829fac9057a922b9168d68d9ea940d7612b0128ae9b67fe69a1dd10e62d
181349b08b8da309823b3b6a670ce13581ff82af7b03db71ba60c705d0620261
18bf8049e0be3f13783201733a1e32fe4e6af64d3a19015e8c45a09e59d0f19f
306d2a6602684ed92b52f88e6c9f796e056ed96f3db412cf36f6df1b8e5a7874
321fb7936dada76ce957347f61cd05be88581c5c3532d5cf87d346ba677474f6
33d6be96b9ceed78dc9b32bb3fcdf2814836635d2d376d746f42728c35538f9e
389eb664948dda8c5afdd43719ddfcee49d1332a1306dd717c8505755482cf51
3da30018745ee9d2032bb71f2907a2fa3647d1660d402200d35f161854b0ef48
4d0f4aff736a307746bc5c0e1772e218cc5ea33dd047ca5d7465668661331e2f
572b41c76bcb0a12c575ae1a6729a499943cff67446fffcc209062f0d136fc90
58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4
5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc
5d0c4939a51a164a3067d43c5071f3b9b468c4b73fa9d27c811fdbcac2ca431e
6b3920ce320ce5f08bb1a40c8566d0b24bd8f19b8c5703b425d145fd43bacc17
74dbe95f91c85e2a1220766f301cde3c9ac89ea35ccac035aa9ac7b1e8c03f18
88afe4caad9d3ef9d7b4a5301d1b2b4378b54d233038079f0145e2f387f4eed9
9fdff231d46f09b29510ef4adc80a4dbae646c9d3da770dfe3c7a9672f48269a
abdbfc359a2954fadb7d335a20c2ae29cc5b00dbd538e88b03d612f978654e45
b285715d34361c4fed5058a10eb830bf2dd61126518477ded340dd7f95221417
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
c443c78239489b2ee75618b26460dae55a87a132b74807780ceab30130eb7a68
c72c14610c3488168b0bab5b6e17d30566dc49a701883402c3c63421df22cfdf
cb3fdae01e5edfb32565c5f7b592bc7ca850cba92565ff12f020df68570481e8
e21cceb8262a91f878fe4e5202139793e9cd3a02da2dd08d2dc4180cd29ac402
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d23b06a4ffd600558e5443d1e32daaaf13a27cf7bb8b7cc163a92b4054aaf2
f123a86b52bc881b75b0afe9201a8cf1ed563c59e44b84c2c21f58e80ce3b44b
f13817d661df7c13714830dd2781baf013d8fc89cf64ad84bcf88168b9874658
f8152a8d500807f824571c3256320bbf578cdce88d45d0fd048a6422f71c272b