tg.285210.xyz
2a06:98c1:3121::3
Malicious Activity!
Public Scan
Effective URL: https://tg.285210.xyz/
Submission: On March 19 via automatic, source phishtank — Scanned from NL
Summary
TLS certificate: Issued by E1 on March 19th 2024. Valid for: 3 months.
This is the only time tg.285210.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
17 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
21 (total) | 2 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | 285210.xyz | tg.285210.xyz (1 redirect) | 702 KB |
21 (total) | 1 | | |
Requests | Domain | Requested by |
---|---|---|
17 | tg.285210.xyz (1 redirect) | tg.285210.xyz |
21 (total) | 1 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
tg.285210.xyz | E1 | 2024-03-19 - 2024-06-17 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://tg.285210.xyz/
Frame ID: E15C09263579241641005D8B031487E5
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
Telegram Web
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://tg.285210.xyz/ (HTTP 301)
- https://tg.285210.xyz/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method | Protocol | Resource Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET | H2 | / (tg.285210.xyz/) Primary Request, Redirect Chain | 11 KB | 5 KB | Document | text/html |
GET | H2 | main.206d21d2eeb8d8de72d3.css (tg.285210.xyz/) | 411 KB | 71 KB | Stylesheet | text/css |
GET | H2 | style-desktop.7ec8ed3b19fabb19d057.css (tg.285210.xyz/) | 272 B | 493 B | Stylesheet | text/css |
GET | H2 | mtproto.worker.937ee1bf2e19f6826ebc.chunk.js (tg.285210.xyz/) | 709 KB | 162 KB | Script | application/javascript |
GET | H2 | 85.952a9f12a6b3dcdd3f0e.bundle.js (tg.285210.xyz/) | 7 KB | 3 KB | Script | application/javascript |
GET | H2 | 946.ee5b7c972556a387aa20.bundle.js (tg.285210.xyz/) | 24 KB | 8 KB | Script | application/javascript |
GET | H2 | main.6f7e27a33f682e88ac29.bundle.js (tg.285210.xyz/) | 68 KB | 25 KB | Script | application/javascript |
GET | | mtproto.worker.937ee1bf2e19f6826ebc.chunk.js (tg.285210.xyz/) | 0 | 0 | | |
GET | | crypto.worker.97275dc4bbabd34138f8.chunk.js (tg.285210.xyz/) | 0 | 0 | | |
GET | H3 | crypto.worker.97275dc4bbabd34138f8.chunk.js (tg.285210.xyz/) | 23 KB | 9 KB | Fetch | application/javascript |
GET | H3 | 104.1c27a33ef648955a6e92.chunk.js (tg.285210.xyz/) | 59 KB | 18 KB | Script | application/javascript |
GET | H3 | 301.42dc636f96a62f6a08c8.chunk.js (tg.285210.xyz/) | 2 KB | 1 KB | Script | application/javascript |
GET | H3 | 8.570e6da51a125009c156.chunk.js (tg.285210.xyz/) | 24 KB | 4 KB | Script | application/javascript |
GET | H3 | 539.17a0b07b4e6476f19654.chunk.js (tg.285210.xyz/) | 35 KB | 15 KB | Script | application/javascript |
GET | H3 | 460.825ce6bcea186b0b7570.chunk.js (tg.285210.xyz/) | 1 MB | 359 KB | Script | application/javascript |
GET | H3 | 709.73c949c4c6702cdf349b.chunk.js (tg.285210.xyz/) | 5 KB | 3 KB | Script | application/javascript |
GET | | 5434cf22-bb22-470c-b0bb-41618ee74e8e (https://tg.285210.xyz/) | 0 | 0 | | |
GET | | eda6903c-cd5c-42ba-89e6-21c951dac866 (https://tg.285210.xyz/) | 0 | 0 | | |
GET | | 0eb50cd6-4ba2-4f94-9db4-6ed03f6f1162 (https://tg.285210.xyz/) | 0 | 0 | | |
GET | H3 | npm.qr-code-styling.2c5d57550714b1a9e42e.chunk.js (tg.285210.xyz/) | 64 KB | 16 KB | Script | application/javascript |
GET | H3 | logo_padded.svg (tg.285210.xyz/assets/img/) | 1 KB | 1 KB | Fetch | image/svg+xml |
GET | DATA | truncated (/) | 1 KB | 0 | Image | image/svg+xml |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
tg.285210.xyz | https://tg.285210.xyz/mtproto.worker.937ee1bf2e19f6826ebc.chunk.js |
tg.285210.xyz | https://tg.285210.xyz/crypto.worker.97275dc4bbabd34138f8.chunk.js |
tg.285210.xyz | blob:https://tg.285210.xyz/5434cf22-bb22-470c-b0bb-41618ee74e8e |
tg.285210.xyz | blob:https://tg.285210.xyz/eda6903c-cd5c-42ba-89e6-21c951dac866 |
tg.285210.xyz | blob:https://tg.285210.xyz/0eb50cd6-4ba2-4f94-9db4-6ed03f6f1162 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Telegram (Instant Messenger)
51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | webpackChunktweb |
object | rootScope |
function | AppStorage |
object | stateStorage |
function | wrapUrl |
object | I18n |
object | webpWorkerController |
object | appStorage |
object | singleInstance |
object | webPushApiManager |
object | telegramMeWebManager |
object | opusDecodeController |
object | cryptoMessagePort |
object | mtprotoMessagePort |
object | serviceMessagePort |
object | apiManagerProxy |
function | calcImageInBox |
object | mediaSizes |
function | dispatchHeavyAnimationEvent |
object | sequentialDom |
object | appDownloadManager |
object | appMediaPlaybackController |
object | appNavigationController |
function | formatDateAccordingToTodayNew |
function | fillTipDates |
function | getVisibleRect |
function | generatePathData |
function | p |
function | putPreloader |
function | getRichValueWithCaret |
function | compareNodes |
function | placeCaretAtEnd |
object | emoticonsDropdown |
object | appSidebarRight |
function | getStream |
function | getStreamCached |
object | groupCallController |
object | callsController |
object | appDialogsManager |
object | appSidebarLeft |
function | SlicedArray |
function | getElementByPoint |
function | ScrollSaver |
object | uiNotificationsManager |
object | appImManager |
object | syncedPlayers |
object | emojiRenderers |
function | wrapRichText |
object | animationIntersector |
object | lottieLoader |
object | pagesManager |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
- tg.285210.xyz
- 2a06:98c1:3121::3