webogram.org
Open in
urlscan Pro
2606:50c0:8000::153
Malicious Activity!
Public Scan
Effective URL: https://webogram.org/a/
Submission: On May 15 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 28th 2024. Valid for: 3 months.
This is the only time webogram.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 18 | 2606:50c0:800... 2606:50c0:8000::153 | 54113 (FASTLY) (FASTLY) | |
2 | 2001:67c:4e8:... 2001:67c:4e8:f004::9 | 62041 (TELEGRAM) (TELEGRAM) | |
22 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
webogram.org
1 redirects
webogram.org — Cisco Umbrella Rank: 802176 |
534 KB |
1 |
telegram.me
telegram.me — Cisco Umbrella Rank: 42378 |
359 B |
1 |
t.me
t.me — Cisco Umbrella Rank: 19478 |
359 B |
22 | 3 |
Domain | Requested by | |
---|---|---|
18 | webogram.org |
1 redirects
webogram.org
|
1 | telegram.me |
webogram.org
|
1 | t.me |
webogram.org
|
22 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
webogram.org R3 |
2024-04-28 - 2024-07-27 |
3 months | crt.sh |
*.t.me Go Daddy Secure Certificate Authority - G2 |
2023-10-06 - 2024-11-06 |
a year | crt.sh |
*.telegram.me Go Daddy Secure Certificate Authority - G2 |
2023-09-20 - 2024-10-21 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://webogram.org/a/
Frame ID: 3406C635D412F471B1BF4E5CF59D48BF
Requests: 24 HTTP requests in this frame
Screenshot
Page Title
TelegramPage URL History Show full URLs
-
http://webogram.org/a
HTTP 307
https://webogram.org/a HTTP 301
https://webogram.org/a/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://webogram.org/a
HTTP 307
https://webogram.org/a HTTP 301
https://webogram.org/a/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
webogram.org/a/ Redirect Chain
|
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
redirect.js
webogram.org/a/ |
325 B 401 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.a654971daabccd27b528.js
webogram.org/a/ |
383 KB 128 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.82c1f6165ead4f58ed2c.css
webogram.org/a/ |
107 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
compatTest.js
webogram.org/a/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1915.44f46b9209d4c21e2dae.js
webogram.org/a/ |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chat-bg-br.f34cc96fbfb048812820.png
webogram.org/a/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chat-bg-pattern-light.ee148af944f6580293ae.png
webogram.org/a/ |
266 KB 268 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
307 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notification.mp3
webogram.org/a/ |
11 KB 11 KB |
Media
audio/mp3 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_websync_
t.me/ |
4 B 359 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_websync_
telegram.me/ |
4 B 359 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6839.01a53cbedf5d86d252ec.js
webogram.org/a/ |
45 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3748.e75e7ce83d380e6beb16.js
webogram.org/a/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8290.4516aef256592f4583c0.js
webogram.org/a/ |
250 KB 69 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4680.dc1bf14744443c444561.js
webogram.org/a/ |
10 KB 5 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4680.dc1bf14744443c444561.js
webogram.org/a/ |
10 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4680.dc1bf14744443c444561.js
webogram.org/a/ |
10 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4680.dc1bf14744443c444561.js
webogram.org/a/ |
10 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
webogram.org/a/ |
2 KB 3 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blank.8dd283bceccca95a48d8.png
webogram.org/a/ |
68 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blank.8dd283bceccca95a48d8.png
webogram.org/a/ |
0 0 |
Fetch
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blank.8dd283bceccca95a48d8.png
webogram.org/a/ |
0 0 |
Fetch
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
68 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telegram (Instant Messenger)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| compatTest boolean| isCompatTestPassed object| webpackChunktelegram_t0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
t.me
telegram.me
webogram.org
2001:67c:4e8:f004::9
2606:50c0:8000::153
00745db819d91c37bf0f59bee00ab2efe9766fddcb726ff1bcb6847748b2bbc7
166b9c140da17864486aaa8e6d53ad4169ffaac1b2101c73680550f9331c926f
1789e4667cbc1c43720aa6e606692500807e7bfd7c116514bbcc68a0b9d96b60
1e253d3f513bbf831c7e7da3e513cf8d4177f7f398c1fad87809d393a58c1697
22c6b05f0b138dddb5711fdb998be90abf8093e271085bda6448bd6bc72c95d2
3151f7930d821bccf4a76cbbe4a3533e2b56bdff696f260c864ab639ac7526ea
375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f
504b4621e486970f8c1721d5297561c9f33296f516c83fbb33a0ff3f4f7c1357
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
7577a5e009d909831804ae7bb68d9a2a6aab1395f5737ed89f33565cbda20ca5
7c24d23a553bc4c339a63153bd769addb83eb33b64e27be87072b7071fbaed53
86093551f5a7f68c7dcac947bd8dc54c6a79dd9a5d83f7e40116d640eb28c7d6
8ab79b93ac5fab756e39e798c4a5dbe633ec54951707cef4807890a4cfd6bad5
a3a128c34d1e46a94cf9ce00f556f4ac5f038c88ce4b8c783bb7b14423855cab
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
cb309c03f4c1a7c486b33ece9e4e7f8154cdb26ebc051042d060d25e6f36a563
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f693fccbb0f64594079d492db05d3bced69a6c6cab7514d4b78733570fd592a1