telegram-korea.com Open in urlscan Pro
2606:4700:3036::ac43:9776 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://telegram-korea.com/
Effective URL:
https://telegram-korea.com/
Submission: On September 29 via api (September 29th 2024, 2:51:56 am UTC) from HK — Scanned from DE

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3036::ac43:9776, located in United States and belongs to CLOUDFLARENET, US. The main domain is telegram-korea.com.
TLS certificate: Issued by WE1 on September 27th 2024. Valid for: 3 months.

This is the only time telegram-korea.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address		AS Autonomous System
17	2606:4700:303... 2606:4700:3036::ac43:9776		13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2

17 2606:4700:3036::ac43:9776 (United States)

ASN13335 (CLOUDFLARENET, US)

telegram-korea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	telegram-korea.com telegram-korea.com	263 KB
25	1

	Domain	Requested by
17	telegram-korea.com	telegram-korea.com
25	1

This site contains no links.

Subject Issuer	Validity	Valid
telegram-korea.com WE1	`2024-09-27` - `2024-12-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://telegram-korea.com/
Frame ID: B4BEC934C09B008235FDC8416E1881D0
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram Web

Page URL History Show full URLs

http://telegram-korea.com/ HTTP 307
https://telegram-korea.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

68 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

263 kB
Transfer

1064 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://telegram-korea.com/ HTTP 307
https://telegram-korea.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response telegram-korea.com/ Redirect Chain http://telegram-korea.com/ https://telegram-korea.com/	17 KB 6 KB	728ms 493ms	Document text/html	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `10580ae039ff78954519dbc8d8b2aabd8519bf3f664cb1417f08c70eb61957fc` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers access-control-allow-origin * cache-control public, max-age=0 cf-cache-status DYNAMIC cf-ray 8ca8ac76fe511249-ORD content-encoding br content-type text/html; charset=UTF-8 date Sun, 29 Sep 2024 02:51:50 GMT last-modified Sat, 28 Sep 2024 08:26:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zYw4kSRFxoEdULDeDCiUjo%2BIwhpDgxxMuBLXKoyRF6WJYZ6KhN9O5omuwIVwnCJRCF9z1%2BB5iO0ccF7SxeTcy4uBpWXIcv%2FBzizFTd6rY4%2FtezLmmkPSTJDBiQqYTVDtLz2F3rBBirXfzgez7o4roQE%3D"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" x-powered-by Express Redirect headers Location https://telegram-korea.com/ Non-Authoritative-Reason HttpsUpgrades
GET H2	200	speculation telegram-korea.com/cdn-cgi/	128 B 475 B	111ms 111ms	Other application/speculationrules+json	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/cdn-cgi/speculation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Origin https://telegram-korea.com Referer https://telegram-korea.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIdkvgu5W0BWEfVQ3hlGiSNRcw%2Bt6bREEYzXzzy7Dhsq06rSFrTZtXCnPNPmtaeNa1va4ml7JHVd1xsRX4i5U%2FRo83RNy%2BgQ1ED0R3KoLfsBCV5ht6ftKz7b2q%2BXG225dChnnYHzCayWsLQBw04PfA4%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac7a19b71249-ORD access-control-allow-origin https://telegram-korea.com content-length 128 date Sun, 29 Sep 2024 02:51:50 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET H2	200	red.js Show response telegram-korea.com/	6 KB 4 KB	490ms 490ms	Script application/javascript	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/red.js Requested by Host: telegram-korea.com URL: https://telegram-korea.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `6e97b43a97dc438f6b883caacce54c5af1d30c943390d7e214a793221446c2d0` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Referer https://telegram-korea.com/ Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"18d1-19213f707fb" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zuJjaDL9KRkEaM8dlpmuWBszsaLYsNpzcIroEar4fIx0%2FXAkExtetRedpEBojtyPW%2F6Dd9Vgm%2FxRHgUzu3ONHJJIrNWjm8VOPiY8WuduPIH8u2y8aSVjiz7kRrQ%2FHswuZTx2Bd4tLDbtr20GMYJCH8Q%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac7a19b91249-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:51 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Sat, 21 Sep 2024 09:43:29 GMT
GET H2	200	index-DMLC1qu5.js Show response telegram-korea.com/	133 KB 48 KB	490ms 490ms	Script application/javascript	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/index-DMLC1qu5.js Requested by Host: telegram-korea.com URL: https://telegram-korea.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `86ead3e26c4c85c574719a6fb33c0233cb687c75ab6fd427611cbc32de7bbde4` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Origin https://telegram-korea.com Referer https://telegram-korea.com/ Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"21298-1922913a931" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sF4PkoeO8BLmJXjSVUvSNdweMSwshkkG9tYbojThga0tVXKQcCMV%2FlIyjhwREwYwbaYbf1VNXPihtVZ3pS05Da8hyN83xCQhkGFu4ZACU1mTVI4oxXCe79EqKaiAlAe2Pq0e3XDKQlOlvkXiYtTJHno%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac7a29bc1249-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:51 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H2	200	jquery-3.6.1.min.js Show response telegram-korea.com/	88 KB 32 KB	605ms 605ms	Script application/javascript	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/jquery-3.6.1.min.js Requested by Host: telegram-korea.com URL: https://telegram-korea.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `24c7030c50c1045cfefddac2d403f4bb2043b34183f6887f5c88a3e12e0236f9` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Origin https://telegram-korea.com Referer https://telegram-korea.com/ Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"15e42-1920f36c1dd" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gI4eJ5xVqINZD7lSCJmsMBauhWe4Wg8wqIEP2QqHF3dnii1x0K9iDac5XGBj7ZJlgbpct9VKO%2B6WZDF%2B%2FqO%2B4E90MeIpG1HTtKbitkbE1jyRvUptKQoDmKhPq6hAChvgJLQ1%2FwmwB9SDk%2B2KjMuTTlU%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac7a29bf1249-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:51 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Fri, 20 Sep 2024 11:34:59 GMT
GET H2	200	index-vX_PR0Tt.css telegram-korea.com/	477 KB 86 KB	500ms 499ms	Stylesheet text/css	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/index-vX_PR0Tt.css Requested by Host: telegram-korea.com URL: https://telegram-korea.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `55073646800c2dafa80abb6f0fd1dc1cd230b64dafd19496dc12242834294a8a` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Origin https://telegram-korea.com Referer https://telegram-korea.com/ Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"77466-1922913a925" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DierSsGGtssoj2F2HjxV1D1d0SNOf3tlv1jzAd4Oqae0pnaX1ErzosCvjra8fVAELXRxdnzchlSPWe%2Fk%2FmEfLka7ufz4G42vakmDl2gjF3XmA%2FbMm7NVvI0uP6M1lmMHuks%2FgOWnKRp8HrNR%2FQFPJEQ%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac7a29be1249-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:51 GMT content-type text/css; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H2	200	login.js Show response telegram-korea.com/	5 KB 2 KB	499ms 499ms	Script application/javascript	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/login.js Requested by Host: telegram-korea.com URL: https://telegram-korea.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `b03b3dc0a62a367e4a44599862b574fa0cd24d02d6dc8218fdfe4e402fcd1d6a` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Referer https://telegram-korea.com/ Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"15fc-192287a6dd8" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9l7M%2B4NM1Cj5s2ZN9hC64h2gPfMXksKK9nmLpbogGbAAwc3RycU%2Bvf25R3opXOn%2BhEFVz7u2MrFGKjgLV8oDfInQn85n9LhJ%2BvcX3pLUuCh1UzaYv5UOhVz%2BrodJ2jjRE3PPUPO57JMSHaD%2B5BePzc%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac7a29c01249-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:51 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 09:19:25 GMT
GET		mtproto.worker-BjeykWvB.js telegram-korea.com/	0 0

GET		crypto.worker-CfCshcpI.js telegram-korea.com/	0 0

GET DATA	200 OK	truncated /	369 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET H2	200	crypto.worker-CfCshcpI.js Show response telegram-korea.com/	67 KB 24 KB	487ms 487ms	Fetch application/javascript	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/crypto.worker-CfCshcpI.js Requested by Host: telegram-korea.com URL: https://telegram-korea.com/index-DMLC1qu5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `db66f764c311c8c976601370a59831be1b792fe9535c8f36f7de75334226b071` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Referer https://telegram-korea.com/ Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"10d02-1922913a96b" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSFq2ByJIciQ%2F%2Bi4JAdsbPzcCj51p3DzYzLL3xOHpdhmzZOSqKKTDGQOFPAO%2F989OkepgbV8pjHjc1WzpWM%2F3YxXC5HjTIyKAi%2FK52gq7YT58jVJtsYITKhdTeu4wG2rs8i4VrKIgqmBS3vMrp5Lvbc%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac7ee80d1249-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:51 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET DATA	200 OK	truncated /	59 B 59 B		Image image/jxl
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Referer Response headers Content-Type image/jxl
GET DATA	200 OK	truncated /	311 B 0		Image image/avif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Referer Response headers Content-Type image/avif
GET H2	200	favicon.ico telegram-korea.com/assets/img/	15 KB 4 KB	479ms 479ms	Other image/x-icon	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/assets/img/favicon.ico?v=jw3mK7G9Ry Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Referer https://telegram-korea.com/ Response headers server cloudflare cache-control public, max-age=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC etag W/"3aee-191fce2b690" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4NYB%2BJxZtBR4YGyV8NzHGCdr%2Bh0deBABFEXf%2FTT%2FoJwozVv89vi5A5w8GUEbJr27DWcDJKKX5NqP%2FDUt4lAItoKg8xLDcdwEowyh8%2B%2Ftaq5qB%2F2eSxMyFeIwQ5aWnwiC8HfSpMx1tEVVkdrEN87NTT8%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac7f08351249-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:51 GMT content-type image/x-icon x-powered-by Express vary Accept-Encoding last-modified Mon, 16 Sep 2024 22:10:02 GMT
GET H2	200	lang-CONcFstB.js Show response telegram-korea.com/	137 KB 39 KB	498ms 498ms	Script application/javascript	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/lang-CONcFstB.js Requested by Host: telegram-korea.com URL: https://telegram-korea.com/index-DMLC1qu5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `c77e860cb64dad60791fbffb02cccdacab4e20afcda59ffd7020bf3657cf148e` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Origin https://telegram-korea.com Referer https://telegram-korea.com/index-DMLC1qu5.js Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"22453-1922913a931" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wzLcMv5CixtErqLteOV9QZkPWTBBtonFRPFogShDoE3un9nULQxxdjhBpuFSIKgZtKLBVhLxui6%2FFLd805Qu4H81Bpp4Ban4jIVTJ1rBwlnESivI9tDEkAAgPkkVWknU%2BoRPtJbDdMxPOIPJmn3QveI%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac80aa101249-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:52 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H2	200	langSign-CN-ja8rh.js Show response telegram-korea.com/	2 KB 1 KB	478ms 478ms	Script application/javascript	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/langSign-CN-ja8rh.js Requested by Host: telegram-korea.com URL: https://telegram-korea.com/index-DMLC1qu5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `2b3cb7fcd5a7cba31f0932276d0673437bb4d8ba9fcfcc3602ec85ea60458ae4` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Origin https://telegram-korea.com Referer https://telegram-korea.com/index-DMLC1qu5.js Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"66e-1922913a925" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ygBbe%2BMEolE8shPWKFeSW2CEVsXs3hEtxIvdybZCUMoYlM7kEQuw9iLBYP6w8b9k88Hq7nY2MKOOGrGJR8ek0R3VCFRzpKAUuYqVluP4KkpFNe17V1eBQc9X8AhAPQZfTmh%2B%2Ft7904dECBYvW4gN5Nc%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac80aa121249-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:52 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H2	200	countries-CzeCvYH8.js Show response telegram-korea.com/	24 KB 4 KB	502ms 501ms	Script application/javascript	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/countries-CzeCvYH8.js Requested by Host: telegram-korea.com URL: https://telegram-korea.com/index-DMLC1qu5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `6876bde98b3f0c4013107f69f6bf375f60a2807bd79c11592131d9b8bbbb76ae` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Origin https://telegram-korea.com Referer https://telegram-korea.com/index-DMLC1qu5.js Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"5e21-1922913a931" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hKVouNSwnXGiGPnrfFyN8pnbDWTsMq0P9Ss2ElG6Qf5WhC0Dm8k80gvmxgiY1DvAiQnAF3jIcmV6aLxyVy4EoOUxA3gIswfUKnVk8Fi0pa3SVLTGWFoalU18AZPpOo7oSJtZu8QwqiwYghc1A8Ehr28%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac80aa131249-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:52 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET		545932fd-a444-4af4-a12b-a8599eb09bf5 https://telegram-korea.com/	0 0

GET		97d7357b-6cf3-408d-bafe-98ee5cbbea3b https://telegram-korea.com/	0 0

GET		73ac732f-27a2-4fa0-bb9d-7f01d17f8f7a https://telegram-korea.com/	0 0

GET H2	200	pageSignQR-i_bPqard.js Show response telegram-korea.com/	5 KB 3 KB	488ms 486ms	Script application/javascript	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/pageSignQR-i_bPqard.js Requested by Host: telegram-korea.com URL: https://telegram-korea.com/index-DMLC1qu5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `2345c503eec4e3ba8fe79539e515b295ccbf15c5d9603727a83b526daa9f52a6` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Origin https://telegram-korea.com Referer Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"15a0-1922913a931" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KkHpJuK%2BnNnPYaJ2K7PMnSiZn2lumC9XeVbUcWq%2BC1MuWDJE9JWlC9wO8mlxUe0RDK190FgvvVBupjg8juZEbi%2FXjOaXIjWkc0s7zh6d%2FjfUoWvA7uRMt7KBBxKm8%2BB6Y%2Bog2Vtu9q%2Fxt8lHyf10V1o%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac841ec11249-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:52 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H2	200	page-DmKWDu7K.js Show response telegram-korea.com/	10 KB 5 KB	479ms 478ms	Script application/javascript	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/page-DmKWDu7K.js Requested by Host: telegram-korea.com URL: https://telegram-korea.com/index-DMLC1qu5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `5f8370930b5ef02148c919cd5390f7366533a1fe0cd68cede7dedcb06345ec11` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Origin https://telegram-korea.com Referer Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"290c-1922913a931" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPJJLXCxvhKzOMkZwO6PFyBzX1VKAVpYTVZPyykSq9yWqGVehuSkiGaynk%2BuiK82wQqNREfa0AzxZKzHAHXkIWCW3WvFCssv%2Fvknwd9nuzGtASFyqvqRpvli%2BdqZJ32cs5yZHwfWH6nzA4KUKx%2BF1cI%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac841ec31249-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:52 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H2	200	button-DGEknY7a.js Show response telegram-korea.com/	9 KB 4 KB	475ms 474ms	Script application/javascript	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/button-DGEknY7a.js Requested by Host: telegram-korea.com URL: https://telegram-korea.com/index-DMLC1qu5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `4101120fb6821447034c1fc055e83302d8b6fa1720e6866e918166d1b50f1f87` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Origin https://telegram-korea.com Referer Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"241a-1922913a925" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0uXRIfzZHWqohMZ5yCz4j3mc4jfW8lcxWeWK8CC3cAl5y3b4vZFhc1Q5w2XXzXMYS3521tWX2TZ%2FrvN13kObeTkFlKKL5F9cwC5dx0Xw8PyLBYXrJTR5yks48gm0XQfkfMnH9Hq%2BUSaYEuwPnIt%2BxQ4%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac841ec51249-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:52 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H2	200	putPreloader-BVVFsE2h.js Show response telegram-korea.com/	699 B 742 B	476ms 475ms	Script application/javascript	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/putPreloader-BVVFsE2h.js Requested by Host: telegram-korea.com URL: https://telegram-korea.com/index-DMLC1qu5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `896c81275720b000056102eb83431fbbf9d4a29cef2cfce009f75bb77b6f3fb1` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Origin https://telegram-korea.com Referer Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"2bb-1922913a925" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=60qnalfOfvM1%2FzPeNR8dy5nVS%2ByVzP755BSAmWRxkIOgLicP992Ta%2F3yHe1jsgzWOjN2g5116bkVhRDIVx%2B2KPBKP%2F2F580QwAyfuLNE7Ar53jTMqVwELy%2FDcaPu3K2PYMwPdfNgc9Z6T0fnGx%2Fxwjg%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac841ec61249-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:52 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H2	200	textToSvgURL-Cnw_Q8Rw.js Show response telegram-korea.com/	357 B 622 B	507ms 507ms	Script application/javascript	2606:4700:3036::ac43:9776 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/textToSvgURL-Cnw_Q8Rw.js Requested by Host: telegram-korea.com URL: https://telegram-korea.com/index-DMLC1qu5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9776 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `88ef7b589f467f4a280126e59b5428d5169f80a165500687699209f60ca39998` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Origin https://telegram-korea.com Referer Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"165-1922913a925" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XGITDmEUpxT6yyJs6u7YSDiwnA6tEERU%2BwRSRsmUljgQv%2BRZQVo%2FgDmuxrTQ6KOtGuNQAU3EZ0O97wXTJMOk9%2BGah%2FacS4qFpftsC%2F7MD7LflrRtIoWi5mNSjQuc%2FqHGqsWVn9IZ0Njfq%2Bu2EkntUm8%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac841ec71249-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:52 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H3	200	qr-code-styling-CvBVNv73.js Show response telegram-korea.com/	65 KB 0	838ms 838ms	Script application/javascript
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/qr-code-styling-CvBVNv73.js Requested by Host: telegram-korea.com URL: https://telegram-korea.com/index-DMLC1qu5.js Protocol H3 Server -, , ASN (), Reverse DNS Software cloudflare / Express Resource Hash `4d5108399b82641dbf80148c27bb49203d32e211cec1ed139557ceff975c3896` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Origin https://telegram-korea.com Referer Response headers x-powered-by Express cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"10251-1922913a931" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1SeOxqPyW38ixwIlEF%2FODDW3K67Kv1B55LAVMYm01Yqusp249AxNNCw0bXPbN0X9kHv1WHDpilMlMjynR%2FjCCHaTIMbYeKLWjmo0BY4dz2KpSgRTMthND5G%2Fhb2430ErkKOs%2FrO5MT%2FSzBkl5zoIAfU%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac8749f86160-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:53 GMT content-type application/javascript; charset=UTF-8 last-modified Wed, 25 Sep 2024 12:06:47 GMT server cloudflare vary Accept-Encoding
GET H3	200	_commonjsHelpers-Cpj98o6Y.js Show response telegram-korea.com/	290 B 0	473ms 473ms	Script application/javascript
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/_commonjsHelpers-Cpj98o6Y.js Requested by Host: telegram-korea.com URL: https://telegram-korea.com/index-DMLC1qu5.js Protocol H3 Server -, , ASN (), Reverse DNS Software cloudflare / Express Resource Hash `7e898f2560233fe672543bbaffe66542d387208b18f5639cb3050bd75d167e48` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Origin https://telegram-korea.com Referer Response headers x-powered-by Express cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"122-1922913a925" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EDRMZMDCL8oLPVTdoiloWCmzLG36goGznjECEk5yokP83ZB6qORZFwPwiK1hoIUlGYqRJ38pbbGOp7cwHRoElgianVvB9NSNhW%2BNR3bLQIpu93y3QzGQunJyoCt8S3ZpufTrjuSWnywgiUj%2FxRCKrmM%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac8759fa6160-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:53 GMT content-type application/javascript; charset=UTF-8 last-modified Wed, 25 Sep 2024 12:06:47 GMT server cloudflare vary Accept-Encoding
GET H3	200	logo_padded.svg Show response telegram-korea.com/assets/img/	1 KB 0	492ms 492ms	Fetch image/svg+xml
General Check archive.org Show headers Download Go to Full URL https://telegram-korea.com/assets/img/logo_padded.svg Requested by Host: telegram-korea.com URL: https://telegram-korea.com/pageSignQR-i_bPqard.js Protocol H3 Server -, , ASN (), Reverse DNS Software cloudflare / Express Resource Hash `eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Referer https://telegram-korea.com/ Response headers x-powered-by Express cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"42d-191fce2b690" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W8I9fQGlohVECN4aYqKiQtS3B0gW%2BRKdS6rGSF%2B7T35KLuibcDxx0vJogRng%2FQDxB3JSGlqfnpWfKqxmLD69As%2BR53ikjtjgic%2B8J2IfLO6vriefvSCkqMSG1vcD7NnbVtXCLgtakryVpLT%2FVZP%2BdN0%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca8ac8e9ae16160-ORD access-control-allow-origin * date Sun, 29 Sep 2024 02:51:54 GMT content-type image/svg+xml last-modified Mon, 16 Sep 2024 22:10:02 GMT server cloudflare vary Accept-Encoding
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4` Request headers User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Referer Response headers Content-Type image/svg+xml;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: telegram-korea.com
URL: https://telegram-korea.com/mtproto.worker-BjeykWvB.js

Domain: telegram-korea.com
URL: https://telegram-korea.com/crypto.worker-CfCshcpI.js

Domain: telegram-korea.com
URL: blob:https://telegram-korea.com/545932fd-a444-4af4-a12b-a8599eb09bf5

Domain: telegram-korea.com
URL: blob:https://telegram-korea.com/97d7357b-6cf3-408d-bafe-98ee5cbbea3b

Domain: telegram-korea.com
URL: blob:https://telegram-korea.com/73ac732f-27a2-4fa0-bb9d-7f01d17f8f7a

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

telegram-korea.com
telegram-korea.com
2606:4700:3036::ac43:9776
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7
10580ae039ff78954519dbc8d8b2aabd8519bf3f664cb1417f08c70eb61957fc
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
2345c503eec4e3ba8fe79539e515b295ccbf15c5d9603727a83b526daa9f52a6
24c7030c50c1045cfefddac2d403f4bb2043b34183f6887f5c88a3e12e0236f9
2b3cb7fcd5a7cba31f0932276d0673437bb4d8ba9fcfcc3602ec85ea60458ae4
4101120fb6821447034c1fc055e83302d8b6fa1720e6866e918166d1b50f1f87
4d5108399b82641dbf80148c27bb49203d32e211cec1ed139557ceff975c3896
55073646800c2dafa80abb6f0fd1dc1cd230b64dafd19496dc12242834294a8a
5f8370930b5ef02148c919cd5390f7366533a1fe0cd68cede7dedcb06345ec11
6876bde98b3f0c4013107f69f6bf375f60a2807bd79c11592131d9b8bbbb76ae
6e97b43a97dc438f6b883caacce54c5af1d30c943390d7e214a793221446c2d0
6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4
7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523
7e898f2560233fe672543bbaffe66542d387208b18f5639cb3050bd75d167e48
86ead3e26c4c85c574719a6fb33c0233cb687c75ab6fd427611cbc32de7bbde4
88ef7b589f467f4a280126e59b5428d5169f80a165500687699209f60ca39998
896c81275720b000056102eb83431fbbf9d4a29cef2cfce009f75bb77b6f3fb1
b03b3dc0a62a367e4a44599862b574fa0cd24d02d6dc8218fdfe4e402fcd1d6a
c77e860cb64dad60791fbffb02cccdacab4e20afcda59ffd7020bf3657cf148e
db66f764c311c8c976601370a59831be1b792fe9535c8f36f7de75334226b071
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4

telegram-korea.com Open in urlscan Pro 2606:4700:3036::ac43:9776 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

68 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

263 kBTransfer

1064 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

38 JavaScript Global Variables

0 Cookies

Indicators

telegram-korea.com Open in urlscan Pro
2606:4700:3036::ac43:9776 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

68 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

263 kB
Transfer

1064 kB
Size

0
Cookies

25 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!