zhukov.github.io
Open in
urlscan Pro
2606:50c0:8001::153
Malicious Activity!
Public Scan
Effective URL: https://zhukov.github.io/webogram/
Submission: On May 09 via api from BY — Scanned from CH
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 15th 2024. Valid for: a year.
This is the only time zhukov.github.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 116.202.46.42 116.202.46.42 | 24940 (HETZNER-AS) (HETZNER-AS) | |
11 | 2606:50c0:800... 2606:50c0:8001::153 | 54113 (FASTLY) (FASTLY) | |
8 | 2001:67c:4e8:... 2001:67c:4e8:f004::9 | 62041 (TELEGRAM) (TELEGRAM) | |
19 | 3 |
ASN24940 (HETZNER-AS, DE)
PTR: lx67.hoststar.hosting
telegram.1-0-5.ch |
ASN62041 (TELEGRAM, VG)
venus.web.telegram.org | |
vesta.web.telegram.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
github.io
zhukov.github.io |
761 KB |
8 |
telegram.org
venus.web.telegram.org — Cisco Umbrella Rank: 42443 vesta.web.telegram.org — Cisco Umbrella Rank: 233609 |
4 KB |
1 |
1-0-5.ch
1 redirects
telegram.1-0-5.ch |
119 B |
19 | 3 |
Domain | Requested by | |
---|---|---|
11 | zhukov.github.io |
zhukov.github.io
|
5 | venus.web.telegram.org |
zhukov.github.io
|
3 | vesta.web.telegram.org |
zhukov.github.io
|
1 | telegram.1-0-5.ch | 1 redirects |
19 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
desktop.telegram.org |
telegram.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.github.io DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-03-15 - 2025-03-14 |
a year | crt.sh |
*.web.telegram.org Go Daddy Secure Certificate Authority - G2 |
2023-08-30 - 2024-09-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://zhukov.github.io/webogram/
Frame ID: BDA1563F86B7F58CC7713C9587A5836E
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
Telegram WebPage URL History Show full URLs
-
http://telegram.1-0-5.ch/
HTTP 307
https://telegram.1-0-5.ch/ HTTP 301
http://zhukov.github.io/webogram/ HTTP 307
https://zhukov.github.io/webogram/ Page URL
Detected technologies
GitHub Pages (CDN) ExpandDetected patterns
- ^https?://[^/]+\.github\.io
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: desktop.telegram.org
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: mobile apps
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://telegram.1-0-5.ch/
HTTP 307
https://telegram.1-0-5.ch/ HTTP 301
http://zhukov.github.io/webogram/ HTTP 307
https://zhukov.github.io/webogram/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
zhukov.github.io/webogram/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
zhukov.github.io/webogram/css/ |
188 KB 36 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
zhukov.github.io/webogram/js/ |
3 MB 692 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
desktop.css
zhukov.github.io/webogram/css/ |
48 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-us.json
zhukov.github.io/webogram/js/locales/ |
48 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
zhukov.github.io/webogram/ |
959 B 1 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
58 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
682 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
340 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
751 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
General.png
zhukov.github.io/webogram/img/icons/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Telegram.svg
zhukov.github.io/webogram/img/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
zhukov.github.io/webogram/ |
959 B 0 |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
crypto_worker.js
zhukov.github.io/webogram/js/lib/ |
1 KB 760 B |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
apiw1
venus.web.telegram.org/ |
84 B 345 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
zhukov.github.io/webogram/ |
959 B 0 |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
apiw1
venus.web.telegram.org/ |
652 B 912 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
apiw1
venus.web.telegram.org/ |
72 B 331 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
apiw1
venus.web.telegram.org/ |
168 B 428 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
apiw1
venus.web.telegram.org/ |
168 B 428 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
apiw1
vesta.web.telegram.org/ |
84 B 343 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
apiw1
vesta.web.telegram.org/ |
652 B 912 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
apiw1
vesta.web.telegram.org/ |
72 B 331 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telegram (Instant Messenger)353 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| BigInteger function| nbi function| am1 function| am2 function| am3 function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| bnClone function| bnIntValue function| bnByteValue function| bnShortValue function| bnpChunkSize function| bnSigNum function| bnpToRadix function| bnpFromRadix function| bnpFromNumber function| bnToByteArray function| bnEquals function| bnMin function| bnMax function| bnpBitwiseTo function| op_and function| bnAnd function| op_or function| bnOr function| op_xor function| bnXor function| op_andnot function| bnAndNot function| bnNot function| bnShiftLeft function| bnShiftRight function| lbit function| bnGetLowestSetBit function| cbit function| bnBitCount function| bnTestBit function| bnpChangeBit function| bnSetBit function| bnClearBit function| bnFlipBit function| bnpAddTo function| bnAdd function| bnSubtract function| bnMultiply function| bnSquare function| bnDivide function| bnRemainder function| bnDivideAndRemainder function| bnpDMultiply function| bnpDAddOffset function| NullExp function| nNop function| nMulTo function| nSqrTo function| bnPow function| bnpMultiplyLowerTo function| bnpMultiplyUpperTo function| Barrett function| barrettConvert function| barrettRevert function| barrettReduce function| barrettSqrTo function| barrettMulTo function| bnModPow function| bnGCD function| bnpModInt function| bnModInverse function| bnIsProbablePrime function| bnpMillerRabin function| rng_seed_int function| rng_seed_time function| rng_get_byte function| rng_get_bytes function| SecureRandom function| Arcfour function| ARC4init function| ARC4next function| prng_newstate function| findPrimes function| millerRabinInt function| millerRabin function| bitSize function| expand function| randTruePrime function| randProbPrime function| randProbPrimeRounds function| mod function| addInt function| mult function| powMod function| sub function| add function| inverseMod function| multMod function| randTruePrime_ function| randBigInt function| randBigInt_ function| GCD function| GCD_ function| inverseMod_ function| inverseModInt function| inverseModInt_ function| eGCD_ function| negative function| greaterShift function| greater function| divide_ function| carry_ function| modInt function| int2bigInt function| str2bigInt function| equalsInt function| equals function| isZero function| bigInt2str function| dup function| copy_ function| copyInt_ function| addInt_ function| rightShift_ function| halve_ function| leftShift_ function| multInt_ function| divInt_ function| linComb_ function| linCombShift_ function| addShift_ function| subShift_ function| sub_ function| add_ function| mult_ function| mod_ function| multMod_ function| squareMod_ function| trim function| powMod_ function| mont_ function| dT function| checkClick function| isInDOM function| checkDragEvent function| cancelEvent function| hasOnclick function| getScrollWidth function| onCtrlEnter function| setFieldSelection function| getFieldSelection function| getRichValue function| getRichValueWithCaret function| getRichElementValue function| setRichFocus function| getSelectedText function| scrollToNode function| onContentLoaded function| tsNow function| safeReplaceObject function| listMergeSorted function| listUniqSorted function| templateUrl function| encodeEntities function| calcImageInBox function| versionCompare function| bigint function| bigStringInt function| dHexDump function| bytesToHex function| bytesFromHex function| bytesToBase64 function| uint6ToBase64 function| base64ToBlob function| dataUrlToBlob function| blobConstruct function| blobSafeMimeType function| bytesCmp function| bytesXor function| bytesToWords function| bytesFromWords function| bytesFromBigInt function| bytesFromLeemonBigInt function| bytesToArrayBuffer function| convertToArrayBuffer function| convertToUint8Array function| convertToByteArray function| bytesFromArrayBuffer function| bufferConcat function| longToInts function| longToBytes function| longFromInts function| intToUint function| uintToInt function| sha1HashSync function| sha1BytesSync function| sha256HashSync function| rsaEncrypt function| addPadding function| aesEncryptSync function| aesDecryptSync function| gzipUncompress function| nextRandomInt function| pqPrimeFactorization function| pqPrimeBigInteger function| gcdLong function| pqPrimeLong function| pqPrimeLeemon function| bytesModPow function| TLSerialization function| TLDeserialization function| EmojiTooltip function| EmojiPanel function| MessageComposer function| Scroller number| dbits number| canary boolean| j_lm number| BI_FP string| BI_RM object| BI_RC number| rr number| vv object| lowprimes number| lplim object| rng_state object| rng_pool number| rng_pptr object| global object| t object| ua undefined| z number| rng_psize object| CryptoJS function| OGVDemuxerOgg function| OGVDecoderAudioOpus function| OGVDecoderAudioVorbis number| _logTimer object| extraModules function| setZeroTimeout function| $ function| jQuery object| Config object| ConfigStorage function| safeConfirm object| angular function| Rusha object| Zlib object| goog number| bpe number| mask number| radix string| digitsStr object| buff object| one object| ss object| s0 object| s1 object| s2 object| s3 object| s4 object| s5 object| s6 object| s7 object| T object| sa object| mr_x1 object| mr_r object| mr_a object| eg_v object| eg_u object| eg_A object| eg_B object| eg_C object| eg_D object| md_q1 object| md_q2 object| md_q3 object| md_r object| md_r1 object| md_r2 object| md_tt object| primes object| pows object| s_i object| s_i2 object| s_R object| s_rm object| s_q object| s_n1 object| s_a object| s_r2 object| s_n object| s_b object| s_d object| s_x1 object| s_x2 object| s_aa object| rpprb function| WebPDecoder function| OGVTimeRanges function| OGVMediaError string| prop object| OGVCompat object| OGVLoader function| OGVMediaType function| OGVPlayer string| OGVVersion object| ogvjs function| Recorder function| onAnimationFrameCallback object| SearchIndexManager object| EmojiHelper object| jQuery111106010079425710573 undefined| BlobBuilder function| requestFileSystem object| rushaInstance object| cachedFs number| k number| checkConnectionPeriod0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
telegram.1-0-5.ch
venus.web.telegram.org
vesta.web.telegram.org
zhukov.github.io
116.202.46.42
2001:67c:4e8:f004::9
2606:50c0:8001::153
1787211bb6c15bc910e4aa84f5840a92bf1d52d9fed9975d604e91a2164d894e
44ae6bb193fc017f3d4e1b1bb7e3244d3e4a9b13ffc9fd3f24e381bb446e4276
462c72824442b77689e0650dfe56a218cbea68b48669d68f3f7b3247af187d09
4c2c1ecda421d589e2e016298ef887da21516f115976dc1c81ae683ea67b083c
617f22f8c6cc829644c0a45c1c83cae9dcf76812165c6f9e4fee75e45663086c
6eae8d092e2d203fb5c0466954014da03deec912482bc31e3622bbebe8ee4d1a
7276fb74c44092bd752bfa5a62f848e00c0f6445a813b9ad69eff301c4f472b4
7583205460e8aa46ec80d7ef8340f10db692ec7ca8b7df2decb95a558246c4c9
7c0da54c3ce8646ac199b032fafe351b639483676426efc50f5df39f5c20e79c
948d001d1b5af078ac5447b41fd58d845c5fa4b38c974e90393e603768700623
ab24b8258e6d00603702753a091af931e3995de0059ab0aadc1bf8700a8cb37e
b25afec7cfa96e9827e3babc88ce7dbcc4e627c2f05349d38d3d483ddca62b15
bd24e2e781d27a24a5b689e340f6acfd17069cf48814d563160c8c9265382d77
c47434acd9cc3f90b5bce8c782561ce10c52903c7fac19e141030c57d9c6dcf3
ce393f5a9300d4fe44d62d4de68b61ab4bb6b9a40a4ea07fe9759985c203e1a2
de4c9d4b70bd3057b0b5a9392746eab9374dfdc5992d3f72eb819cb0ee44a577
dff463cf60e5cb2f2b39037ea591584d28acba604027949f272356d76bb0c33b
f3408991e570821c11e13240c7a7382d5a3ff7d41b16625131173650868d519b
fd4187fa4010f3daef2226882a74e8767c65ba9e531a6b1eee5f53d520535417
fe146019189901e1e9b9a1d1ce67ed7435ddf121c04461169c6fd4b3e8ed1f6c
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514