telegram-tw.com Open in urlscan Pro
2606:4700:3032::ac43:97cd Public Scan

Go To Rescan
Add Verdict Report

URL:
https://telegram-tw.com/
Submission: On November 21 via automatic, source openphish (November 21st 2024, 1:16:17 pm UTC) — Scanned from DE

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3032::ac43:97cd, located in United States and belongs to CLOUDFLARENET, US. The main domain is telegram-tw.com.
TLS certificate: Issued by WE1 on October 15th 2024. Valid for: 3 months.

This is the only time telegram-tw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3032::ac43:97cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	90.84.161.18 90.84.161.18	2285 (OCB_HONEY...) (OCB_HONEY_CDN_ASN Orange S.A.)
8	2

6 2606:4700:3032::ac43:97cd (United States)

ASN13335 (CLOUDFLARENET, US)

telegram-tw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 90.84.161.18 (France)

ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	telegram-tw.com telegram-tw.com	288 KB
2	51.la sdk.51.la — Cisco Umbrella Rank: 73455 collect-v6.51.la — Cisco Umbrella Rank: 78995	34 KB
8	2

	Domain	Requested by
6	telegram-tw.com	telegram-tw.com
1	collect-v6.51.la	sdk.51.la
1	sdk.51.la	telegram-tw.com
8	3

This site contains links to these domains. Also see Links.

Domain
play.google.com
apps.apple.com

Subject Issuer	Validity	Valid
telegram-tw.com WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh
*.51.la GlobalSign RSA OV SSL CA 2018	`2024-03-19` - `2025-04-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://telegram-tw.com/
Frame ID: 73EF36C3AF1F12B21D816A8C1E62D2A8
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram電腦版｜Telegram中文版｜Telegram官網

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

322 kB
Transfer

334 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=org.telegram.messenger
Title: Android

Search URL Search Domain Scan URL

URL: https://apps.apple.com/tw/app/telegram-messenger/id686449807
Title: iPhone 或 iPad

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response telegram-tw.com/	2 KB 2 KB	520ms 329ms	Document text/html	2606:4700:3032::ac43:97cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-tw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:97cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `58ebf94097cd8ac402600592fc0b6feb2b48a9dc63d596f7251d4d093318e70a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8e60f3a8fcef8f3a-FRA content-encoding zstd content-type text/html date Thu, 21 Nov 2024 13:16:01 GMT last-modified Thu, 31 Oct 2024 14:16:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BQZBkVx1hzAQxbr%2ByjAbRX5Orgqw3%2BcmIAb%2FSXDLO8NuZuWMUVdV%2BBBvjqx8VDwBKx%2B5LPKXGuHLvE7FmUHPaC5XFQzoD2hpl0dJGgTiYNJmLmWHepRbsdn%2F8bQibEViaNBpeJaHlCsqG4A84pE%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=24298&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4228&recv_bytes=4474&delivery_rate=529&cwnd=12000&unsent_bytes=0&cid=04e5330270aad1c8&ts=482&x=1" cfHdrFlush;dur=0 vary Accept-Encoding
GET H3	200	style.css telegram-tw.com/css/	1 KB 1 KB	92ms 90ms	Stylesheet text/css	2606:4700:3032::ac43:97cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-tw.com/css/style.css Requested by Host: telegram-tw.com URL: https://telegram-tw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:97cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `eb0bcd9461a96991a2d0ce9b439524ae5a3fdf10bf32674c1d7cd04072d68a98` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://telegram-tw.com/ Response headers content-encoding gzip cf-cache-status HIT etag W/"66254123-524" age 15804 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xqH5EE6f2Din6CTx6PL0hTuwAxEZ4IendjUA9V9VFQ08J7m7dn1sc1CEU6MoSWhsydg%2FLAmLfVz%2FycF2dyy1wYJyWGwnikaBM2qascWBSX7q4c%2FRKRs4DHnCYZk%2BUEFtJo%2FL5DhcZAu%2BDFK%2BSx0%3D"}],"group":"cf-nel","max_age":604800} expires Thu, 21 Nov 2024 20:52:37 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=23889&sent=27&recv=15&lost=0&retrans=0&sent_bytes=18162&recv_bytes=5522&delivery_rate=85375&cwnd=12000&unsent_bytes=0&cid=04e5330270aad1c8&ts=531&x=1", cfHdrFlush;dur=22 date Thu, 21 Nov 2024 13:16:01 GMT content-type text/css last-modified Sun, 21 Apr 2024 16:38:59 GMT vary Accept-Encoding cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e60f3ab1f1b8f3a-FRA server cloudflare
GET H2	200	js-sdk-pro.min.js Show response sdk.51.la/	34 KB 34 KB	1611ms 252ms	Script text/plain	90.84.161.18 OCB_HONEY_CDN_ASN...
General Check archive.org Show headers Download Go to Full URL https://sdk.51.la/js-sdk-pro.min.js Requested by Host: telegram-tw.com URL: https://telegram-tw.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 90.84.161.18 , France, ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR), Reverse DNS Software openresty / Resource Hash `c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://telegram-tw.com/ Response headers cache-control no-store access-control-allow-credentials true via EU-GER-frankfurt-EDGE5-CACHE5[177],EU-GER-frankfurt-EDGE5-CACHE5[ovl,171],CHN-HElangfang-GLOBAL6-CACHE19[ovl,15] access-control-allow-origin * x-ccdn-req-id-46b1 cf2dce998b5ed839c1b91d412f6c9696 date Thu, 21 Nov 2024 13:16:02 GMT content-type text/plain; charset=utf-8 server openresty
GET H3	200	logo.png telegram-tw.com/images/	13 KB 13 KB	38ms 37ms	Image image/png	2606:4700:3032::ac43:97cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegram-tw.com/images/logo.png Requested by Host: telegram-tw.com URL: https://telegram-tw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:97cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0e49eaa2260a0c8735a25b06f438825b9129265373292085e6bb9b7478c2176a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://telegram-tw.com/ Response headers content-encoding gzip cf-cache-status HIT etag W/"66253d67-35a5" age 15804 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eSZOp7rVB972Ji4cE8dbkEjzHJONu7uwfNLoDDJ4qxIVDqpDg4S87S8k7vIhGHtVtnciBqVKiW4tb8gOYn76Z9B%2F61z7B9mtCIlUo%2FiAIyYMppSjlsvcdfe%2B4D33e9g1JxW3HWB5u1OEN8XaMT8%3D"}],"group":"cf-nel","max_age":604800} expires Sat, 21 Dec 2024 08:52:37 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=23889&sent=17&recv=15&lost=0&retrans=0&sent_bytes=6162&recv_bytes=5522&delivery_rate=85375&cwnd=12000&unsent_bytes=0&cid=04e5330270aad1c8&ts=530&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 13:16:01 GMT content-type image/png last-modified Sun, 21 Apr 2024 16:23:03 GMT vary Accept-Encoding cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e60f3ab1f1d8f3a-FRA server cloudflare
GET H3	200	mobile.png telegram-tw.com/images/	124 KB 124 KB	90ms 89ms	Image image/png	2606:4700:3032::ac43:97cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegram-tw.com/images/mobile.png Requested by Host: telegram-tw.com URL: https://telegram-tw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:97cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4e2c9a9d8369e52b3901df8189ec87dc3dcc34ac239ec9990604d73c116a1d5d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://telegram-tw.com/ Response headers content-encoding gzip cf-cache-status HIT etag W/"66253b04-1f178" age 15804 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtrIOEhVePRFZYOt271H8NkY591pOdXKAVk4H%2FOBkm352jxIqU2Nl%2B0tgMLQp%2F3Th%2BSiAvSkRECfXKg4JcwbCwfIV%2Bxq52tXCFHoU2iJibH5tJ%2FcLWj1ArKBZzFs12MhaCKb%2BSOpIK6%2BVNgLpa4%3D"}],"group":"cf-nel","max_age":604800} expires Sat, 21 Dec 2024 08:52:37 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=23889&sent=27&recv=15&lost=0&retrans=0&sent_bytes=18162&recv_bytes=5522&delivery_rate=85375&cwnd=12000&unsent_bytes=0&cid=04e5330270aad1c8&ts=531&x=1", cfHdrFlush;dur=22 date Thu, 21 Nov 2024 13:16:01 GMT content-type image/png last-modified Sun, 21 Apr 2024 16:12:52 GMT vary Accept-Encoding cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e60f3ab1f228f3a-FRA server cloudflare
GET H3	200	pc.png telegram-tw.com/images/	145 KB 144 KB	155ms 154ms	Image image/png	2606:4700:3032::ac43:97cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telegram-tw.com/images/pc.png Requested by Host: telegram-tw.com URL: https://telegram-tw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:97cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `14ba10e1915a1d32b62c4b42fb6162f5ace7de78faf9e30ef5874a04589cdfb4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://telegram-tw.com/ Response headers content-encoding gzip cf-cache-status HIT etag W/"66253b8c-24310" age 15803 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zV14x7Jvqryta0S0Z6SpsPXp0JvVCBy347oXdXjcDRDnz9mXg1JcZwvLPRdfZ96P%2BBp6zLM2xbWQLQRE2MvUrV9benm%2FFUnln9Oa97Jm5mEKx5oqGcSFHuncLvrhDcfd6m3QVjZfWXF4GqvkngQ%3D"}],"group":"cf-nel","max_age":604800} expires Sat, 21 Dec 2024 08:52:38 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=28480&sent=141&recv=46&lost=0&retrans=0&sent_bytes=150900&recv_bytes=7160&delivery_rate=1118538&cwnd=80400&unsent_bytes=0&cid=04e5330270aad1c8&ts=625&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 13:16:01 GMT content-type image/png last-modified Sun, 21 Apr 2024 16:15:08 GMT vary Accept-Encoding cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e60f3abbfc48f3a-FRA server cloudflare
POST H2	200	collect Show response collect-v6.51.la/v6/	0 377 B	1361ms 237ms	XHR text/plain	90.84.161.18 OCB_HONEY_CDN_ASN...
General Check archive.org Show headers Download Go to Full URL https://collect-v6.51.la/v6/collect?dt=4 Requested by Host: sdk.51.la URL: https://sdk.51.la/js-sdk-pro.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 90.84.161.18 , France, ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://telegram-tw.com/ Response headers via EU-GER-frankfurt-EDGE5-CACHE5[210],EU-GER-frankfurt-EDGE5-CACHE5[ovl,207],EU-GER-frankfurt-EDGE7-CACHE1[ovl,205],EU-NLD-amsterdam-EDGE3-CACHE1[ovl,199],CA-MNG-ulaanbaatar-EDGE1-CACHE4[ovl,88] access-control-allow-origin https://telegram-tw.com x-ccdn-req-id-46b1 8700bae8cecf303ba21a3ca9f318c71d content-length 0 date Thu, 21 Nov 2024 13:16:04 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials true
GET H3	200	favicon.ico telegram-tw.com/	15 KB 4 KB	343ms 335ms	Other image/x-icon	2606:4700:3032::ac43:97cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-tw.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:97cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4ff54bc38c267dc3a8c95f6ed4590336baaec70433ef15d027ddca608c391e78` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://telegram-tw.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status REVALIDATED etag W/"662536ed-3aee" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HPMYGL6PI2XUqOC5RHbzu%2BT5wMAfNtY59mYNKllVvYp3u2Bek0jKp6C8gprYrIx3p5Txe2hUGJkMgnu8uiOV29dEAxTy1Zgam4Hlcjtqqv8rcnsY%2Fa2Z1yw%2FmwWyCI7oIqDxQGWHbo2xMPzwJMc%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e60f3b6cc158f3a-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=29632&sent=340&recv=72&lost=68&retrans=68&sent_bytes=380705&recv_bytes=9200&delivery_rate=80883&cwnd=58320&unsent_bytes=0&cid=04e5330270aad1c8&ts=2690&x=1", cfHdrFlush;dur=0 date Thu, 21 Nov 2024 13:16:03 GMT content-type image/x-icon last-modified Sun, 21 Apr 2024 15:55:25 GMT vary Accept-Encoding server cloudflare

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| LA number| laWaitTime

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
telegram-tw.com/	1969-12-31 23:59:59	Name: __vtins__3Feyjrishrt6G4Qv Value: %7B%22sid%22%3A%20%221db5e8e2-abe2-589b-bf5a-86a8dd3a9928%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201732196762880%2C%20%22ct%22%3A%201732194962880%7D
telegram-tw.com/	1970-01-21 10:45:54	Name: __51uvsct__3Feyjrishrt6G4Qv Value: 1
telegram-tw.com/	1970-01-21 10:45:54	Name: __51vcke__3Feyjrishrt6G4Qv Value: a466185f-2e4d-5d96-a19f-aeb6dc33d250
telegram-tw.com/	1970-01-21 10:45:54	Name: __51vuft__3Feyjrishrt6G4Qv Value: 1732194962898

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

collect-v6.51.la
sdk.51.la
telegram-tw.com
2606:4700:3032::ac43:97cd
90.84.161.18
0e49eaa2260a0c8735a25b06f438825b9129265373292085e6bb9b7478c2176a
14ba10e1915a1d32b62c4b42fb6162f5ace7de78faf9e30ef5874a04589cdfb4
4e2c9a9d8369e52b3901df8189ec87dc3dcc34ac239ec9990604d73c116a1d5d
4ff54bc38c267dc3a8c95f6ed4590336baaec70433ef15d027ddca608c391e78
58ebf94097cd8ac402600592fc0b6feb2b48a9dc63d596f7251d4d093318e70a
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb0bcd9461a96991a2d0ce9b439524ae5a3fdf10bf32674c1d7cd04072d68a98

telegram-tw.com Open in urlscan Pro 2606:4700:3032::ac43:97cd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

2 Domains

3 Subdomains

2 IPs

2 Countries

322 kBTransfer

334 kBSize

4 Cookies

2 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

4 Cookies

Indicators

telegram-tw.com Open in urlscan Pro
2606:4700:3032::ac43:97cd Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

322 kB
Transfer

334 kB
Size

4
Cookies

8 HTTP transactions
0 data transactions