telega.info

Potentially Malicious

Malicious infrastructure used for Telegram traffic interception

u/anonymous
4 days ago edited 4 days ago
This URL is dangerous

URL: https://api.telega.info/v1/dc-proxy

User Assessment: Dangerous

AI Verdict: SAFE (70% confidence)

Analysis: The URL returns a standard JSON response, which is typical for API endpoints and does not indicate a malicious web page or phishing attempt.

Key Findings:

  • The URL serves a JSON data response rather than a web page.
  • No login forms, download prompts, or deceptive content were detected.
  • The domain has been active for over a year with no signs of malicious activity.

User Comment: Telega is an alternative Telegram client promoted in Russia and closely associated with VK LLC. Since March 18, Telega has been carrying out a MITM attack on its users. The client requests (via the Telega API) a list of IPs of Telega DCs in order to replace the IPs of legitimate Telegram DCs with them. This provides the attacker with complete access to users' Telegram accounts.

Threat