Report Overview
Visited (public)
2023-11-28 07:20:07
URL
178.20.41.168:8080/?pid=532&click_id=656594812930530001f8a67e&sub_id=18&channel=-1001682994742
Finishing URL
t.me/+bsrJ1UQOT9EwOWMy
IP / ASN

178.20.41.168
Title
Telegram: Join Group Chat
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
---|---|---|---|---|---|---|---|---|
cdn4.cdn-telegram.org | unknown | 2023-11-04 | 2023-11-04 22:41:19 | 2023-11-27 14:57:48 | 783 B | 9.3 kB | 34.111.35.152 | |
telegram.org | 5408 | 2003-12-15 | 2013-12-18 14:14:30 | 2023-11-27 18:07:21 | 5.1 kB | 445 kB | 149.154.167.99 | |
178.20.41.168:8080 (1 alert(s) on this Domain) | unknown | unknown | No data | No data | 476 B | 477 B | 178.20.41.168 | |
t.me | 6552 | 2010-05-20 | 2015-06-29 21:03:15 | 2023-11-27 21:55:12 | 488 B | 4.9 kB | 149.154.167.99 | |
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Timestamp | Severity | Source IP | Destination IP | Alert |
---|---|---|---|---|
 | low | Client IP | 149.154.167.99 | ET INFO Observed Telegram Domain (t .me in TLS SNI) |
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2023-11-28 | medium | 178.20.41.168 | Sinkholed |
ThreatFox
No alerts detected
JavaScript (4)
No JavaScripts
HTTP Transactions (14)
URL | IP | Response | Size |
---|---|---|---|