the-telegram.net
Open in
urlscan Pro
172.67.190.112
Malicious Activity!
Public Scan
Effective URL: https://the-telegram.net/prem
Submission: On July 02 via api from US — Scanned from DE
Summary
TLS certificate: Issued by WE1 on June 26th 2024. Valid for: 3 months.
This is the only time the-telegram.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 172.67.190.112 172.67.190.112 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
21 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
the-telegram.net
the-telegram.net |
230 KB |
21 | 1 |
Domain | Requested by | |
---|---|---|
16 | the-telegram.net |
the-telegram.net
|
21 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
the-telegram.net WE1 |
2024-06-26 - 2024-09-24 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://the-telegram.net/prem
Frame ID: 7661313B41B11CB5CFA74152A5C0C281
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
Telegram WebPage URL History Show full URLs
-
http://the-telegram.net/prem
HTTP 307
https://the-telegram.net/prem Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://the-telegram.net/prem
HTTP 307
https://the-telegram.net/prem Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
prem
the-telegram.net/ Redirect Chain
|
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index-gp8T3XyW.js
the-telegram.net/static/ |
128 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index-pzR5gIOz.css
the-telegram.net/static/ |
440 KB 79 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
mtproto.worker-rzg51R8Z.js
the-telegram.net/static/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
crypto.worker-T8uEdtAd.js
the-telegram.net/static/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
369 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
crypto.worker-T8uEdtAd.js
the-telegram.net/static/ |
67 KB 24 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
59 B 59 B |
Image
image/jxl |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
311 B 0 |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
the-telegram.net/assets/img/ |
15 KB 4 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lang-Y4EV1698.js
the-telegram.net/static/ |
114 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
langSign-lcKrqmwM.js
the-telegram.net/static/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
countries-lRU-UavE.js
the-telegram.net/static/ |
24 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pageSignQR-qrkOhXA9.js
the-telegram.net/static/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
page-Reex8MgT.js
the-telegram.net/static/ |
10 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
button-9EPYVaB4.js
the-telegram.net/static/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
putPreloader-JIYavpWD.js
the-telegram.net/static/ |
699 B 894 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
textToSvgURL-Z4O-nL1S.js
the-telegram.net/static/ |
357 B 730 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qr-code-styling-ogpV7fl-.js
the-telegram.net/static/ |
65 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
_commonjsHelpers-5-cIlDoe.js
the-telegram.net/static/ |
290 B 657 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
e78f49b5-21f8-431b-b54a-8507ded3bc82
https://the-telegram.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
c495fda3-a233-45a8-8ea7-1bfb479d688b
https://the-telegram.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
23dc79e0-ed87-497e-b2cc-6aa4549919a5
https://the-telegram.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_padded.svg
the-telegram.net/assets/img/ |
1 KB 1 KB |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- the-telegram.net
- URL
- https://the-telegram.net/static/mtproto.worker-rzg51R8Z.js
- Domain
- the-telegram.net
- URL
- https://the-telegram.net/static/crypto.worker-T8uEdtAd.js
- Domain
- the-telegram.net
- URL
- blob:https://the-telegram.net/e78f49b5-21f8-431b-b54a-8507ded3bc82
- Domain
- the-telegram.net
- URL
- blob:https://the-telegram.net/c495fda3-a233-45a8-8ea7-1bfb479d688b
- Domain
- the-telegram.net
- URL
- blob:https://the-telegram.net/23dc79e0-ed87-497e-b2cc-6aa4549919a5
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telegram (Instant Messenger)32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage object| rootScope function| deferredPromise function| AppStorage object| stateStorage function| wrapUrl object| I18n object| webpWorkerController object| appStorage object| singleInstance object| webPushApiManager object| telegramMeWebManager object| opusDecodeController object| cryptoMessagePort object| mtprotoMessagePort object| serviceMessagePort object| apiManagerProxy function| calcImageInBox object| mediaSizes object| customProperties object| windowSize object| liteMode object| themeController object| overlayCounter function| formatDateAccordingToTodayNew function| fillTipDates function| dispatchHeavyAnimationEvent object| pagesManager object| sequentialDom function| putPreloader0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
the-telegram.net
the-telegram.net
172.67.190.112
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7
16cc8aefa7fba84c342010a227aa9481a098500013fea97812b7689721e0d3d7
19fb2e2b1a73081d0be43d40c28e85d6875138f1f0b89c8a1837c3e806d578b3
36cb02e59322028c02c5365bd56cbd129b3eb2fb4aaec625160ca2dc9786a4bd
6c4900d40f3335423817340edddd7655d96e707156923fcf3cbf5a6520008d6e
6e8f2da9c344b748747fe5b0c3c3e6ff3fe08e1829f2a6aee736dd6697d9ea0c
6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4
73f9a0081230b0251949be0e2bbbc810ced64ef3e5b35110cf3512ad47fca70b
7405f76691ce6b88795adec27f7bbdc1d8071102eb6fd1924c584407c885e965
7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523
831d9aa3b212fab668711a4ce9731a36df0394c146bd0991bde20e0c9d298f19
8528a55ba5d25bb2b6463f369b7a2046c08ced5f20256978a06119c0d50d08a2
900f22723c45f67600638812021437a089daa7c2f0a559ebb85a0726183cee79
a8df41d98a0fa3d1cb8c8661377ac1a572beb9cd0b68e968f92d69f7c8331483
a9bb81a0b6ba28daa048788979595e5556f15d9ecbdbf03e66646c4b6a6ae283
ae2dfcfbe272ff1571c50bb4656a585ecab21473aff7fb3fff35cb05b0608b4a
b16cfc78065c0a3848ca1fd44831e2792d5371dd614cbeb4aacfed1440963eae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4