www.telegram-korea.com Open in urlscan Pro
2606:4700:3034::6815:50a0 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.telegram-korea.com/
Effective URL:
https://www.telegram-korea.com/
Submission: On September 28 via automatic, source openphish (September 28th 2024, 1:29:30 am UTC) — Scanned from DE

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3034::6815:50a0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.telegram-korea.com.
TLS certificate: Issued by WE1 on September 27th 2024. Valid for: 3 months.

This is the only time www.telegram-korea.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address		AS Autonomous System
19	2606:4700:303... 2606:4700:3034::6815:50a0		13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2

19 2606:4700:3034::6815:50a0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.telegram-korea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	telegram-korea.com www.telegram-korea.com	284 KB
25	1

	Domain	Requested by
19	www.telegram-korea.com	www.telegram-korea.com
25	1

This site contains no links.

Subject Issuer	Validity	Valid
telegram-korea.com WE1	`2024-09-27` - `2024-12-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.telegram-korea.com/
Frame ID: 308BAF4C16E9F1395A698F154A80C21E
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram Web

Page URL History Show full URLs

http://www.telegram-korea.com/ HTTP 307
https://www.telegram-korea.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

76 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

284 kB
Transfer

1064 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.telegram-korea.com/ HTTP 307
https://www.telegram-korea.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response www.telegram-korea.com/ Redirect Chain http://www.telegram-korea.com/ https://www.telegram-korea.com/	17 KB 6 KB	448ms 404ms	Document text/html	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `57d779fd9bab814ca1579053fade7e9150953072d4828aa3585be9e4f43d2619` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-origin * cache-control public, max-age=0 cf-cache-status DYNAMIC cf-ray 8c9ff65aa8d38f32-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 28 Sep 2024 01:29:25 GMT last-modified Thu, 26 Sep 2024 06:40:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1MyCcC5cfLWqlt5NYJEoorjNj%2BE8mbRQE5etx6m5ZgkLeJMnZXDFLWqaynxCyPwGMEGlN%2FW588nWr5R6aLZgtM2A0Hz6c5jdAHqHEiwDT7We3f2kR7IIXT%2BmIyXmarvEdF0ISJkCJQrN3rbJ0F2bp%2ByydUIN"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" x-powered-by Express Redirect headers Location https://www.telegram-korea.com/ Non-Authoritative-Reason HttpsUpgrades
GET H3	200	speculation www.telegram-korea.com/cdn-cgi/	128 B 567 B	30ms 30ms	Other application/speculationrules+json	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/cdn-cgi/speculation Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.telegram-korea.com Referer https://www.telegram-korea.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fBnUmf29TcRVQsq9%2FWe2ZVDV2YwHL%2FZMiggRqfm8SBOmeJAVI3m0%2BgqgQEnKtannp8lmYKS3s%2B4aCgqL%2Fhkt2RZO1QntbXoU0WM4iNkS86qLd1ATPB6L%2BIuvPpsj%2B45S%2FyWTGXPwnPeov2SoBI2QdeN8TtPJ"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff65dda948f32-FRA access-control-allow-origin https://www.telegram-korea.com content-length 128 date Sat, 28 Sep 2024 01:29:25 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET H3	200	red.js Show response www.telegram-korea.com/	6 KB 4 KB	411ms 411ms	Script application/javascript	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/red.js Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `6e97b43a97dc438f6b883caacce54c5af1d30c943390d7e214a793221446c2d0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.telegram-korea.com/ Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"18d1-19213f707fb" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ifoB2K22ATDGaJvyXzHjHWLF2R%2BPJiHrTJExRJabhMXV6BDF0JgSt%2FL8u8PumXQTdYqLXbCTyqO0f6Nb9kEnJqcEuO65gGoKeUf428yZsIllhmRWyMfZHOyF71YntB%2F8Wb6h0JlqQmtPucl56tu%2FLOgNm9GM"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff65dda978f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:25 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Sat, 21 Sep 2024 09:43:29 GMT
GET H3	200	index-DMLC1qu5.js Show response www.telegram-korea.com/	133 KB 48 KB	416ms 416ms	Script application/javascript	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/index-DMLC1qu5.js Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `86ead3e26c4c85c574719a6fb33c0233cb687c75ab6fd427611cbc32de7bbde4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.telegram-korea.com Referer https://www.telegram-korea.com/ Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"21298-1922913a931" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B71fIGrdDkzrT0lM2YIqEUkmWICqOZrzJm8Nd8OGZLmyBIp3ayNSFIfEWo82EN53y%2FRgRqi%2FaVcMN%2FAttaPQ%2FiV5cenPm4vMX44%2F8uEtNzMD6J7Iu9R5vOVbvLS2tD5y5%2BsLs1DFVLiMNPdkQeACBmf%2BtC0Y"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff65dda9a8f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:25 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H3	200	jquery-3.6.1.min.js Show response www.telegram-korea.com/	88 KB 32 KB	432ms 431ms	Script application/javascript	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/jquery-3.6.1.min.js Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `24c7030c50c1045cfefddac2d403f4bb2043b34183f6887f5c88a3e12e0236f9` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.telegram-korea.com Referer https://www.telegram-korea.com/ Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"15e42-1920f36c1dd" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zUUsXGIfJEoMX9aKV%2BBaTpqWiVEW2trChXpQcrItO9UCsxOwRscNWnbTI3nv6kgKGFYRdDKvfVUzkzi35BXFZzy%2Bk4ut%2F7pr%2FMo2wovWCX%2Bi2ZVtelZ8bRq0k9flS8VD8Sk9Zy13YIm6TVNA06NCg24MTT5E"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff65dda9b8f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:25 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Fri, 20 Sep 2024 11:34:59 GMT
GET H3	200	index-vX_PR0Tt.css www.telegram-korea.com/	477 KB 86 KB	489ms 489ms	Stylesheet text/css	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/index-vX_PR0Tt.css Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `55073646800c2dafa80abb6f0fd1dc1cd230b64dafd19496dc12242834294a8a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.telegram-korea.com Referer https://www.telegram-korea.com/ Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"77466-1922913a925" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X67Iw9FY8MPAPJa3hnJoahl8YdUpjIDqDbBMnxMnxthDJR8i6ErtWO%2FaPVBXAblRkJXv3gFMrN1UaDowON0YzA%2FS0LkyJc2Wt40B1RAAeYXsfaM9TX1f1oPgB4AJFS0PGQxXZg%2BL47vzabkqW36i1VYgtJCE"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff65dda9f8f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:25 GMT content-type text/css; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H3	200	login.js Show response www.telegram-korea.com/	5 KB 2 KB	407ms 406ms	Script application/javascript	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/login.js Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `b03b3dc0a62a367e4a44599862b574fa0cd24d02d6dc8218fdfe4e402fcd1d6a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.telegram-korea.com/ Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"15fc-192287a6dd8" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4oD9f%2FTPtbOh1kuYBxDg5GxiHgYjfVkYPaQbZpaHFbmon2SLZhDAPN07c%2B4cSEwyQPmCY9Uhg69WaVmzT8UBLeo4ICT7PTDGzvsmH4SozqyIk3gTDW3zIY6g7EkS2GXY%2BsvKAhl4IGlX17kxlNvzkUXwHs%2Bk"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff65ddaa18f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:25 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 09:19:25 GMT
GET DATA	200 OK	truncated /	369 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET H3	200	crypto.worker-CfCshcpI.js Show response www.telegram-korea.com/	67 KB 24 KB	402ms 402ms	Fetch application/javascript	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/crypto.worker-CfCshcpI.js Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/index-DMLC1qu5.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `db66f764c311c8c976601370a59831be1b792fe9535c8f36f7de75334226b071` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.telegram-korea.com/ Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"10d02-1922913a96b" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F0HH%2BjNxv1L22sbx7rL3iZBGpBq037DBnkyvVuQMPq69YZkbU8InmjQTuQPszybtl5WNBC5bFvscoGAFePdaboPa8xkzkTzdivD9IZx00ze22fGSzyT%2FGit%2FXwc7amlYTk%2B7evhIcJnMbcOc4wwD74S5T8SQ"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff6614c328f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:26 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET DATA	200 OK	truncated /	59 B 59 B		Image image/jxl
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/jxl
GET DATA	200 OK	truncated /	311 B 0		Image image/avif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/avif
GET		mtproto.worker-BjeykWvB.js www.telegram-korea.com/	0 0

GET		crypto.worker-CfCshcpI.js www.telegram-korea.com/	0 0

GET H3	200	favicon.ico www.telegram-korea.com/assets/img/	15 KB 4 KB	401ms 400ms	Other image/x-icon	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/assets/img/favicon.ico?v=jw3mK7G9Ry Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.telegram-korea.com/ Response headers server cloudflare cache-control public, max-age=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC etag W/"3aee-191fce2b690" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4LZupMBuOZdq9PA2KrrvUZCnWuTjm%2FbA1qbSLffTh1n3oKeWdoey1UH2Su6sy5sjE0yOEk7w32xW6NVFUZcVHzffeY0nqNT1JZT8UIN8WgCOutJKZeGP%2Fd779YFMjf4dfbXg7A9yF3KzP8yY44LnjA8VP0X"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff661bc6c8f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:26 GMT content-type image/x-icon x-powered-by Express vary Accept-Encoding last-modified Mon, 16 Sep 2024 22:10:02 GMT
GET H3	200	lang-CONcFstB.js Show response www.telegram-korea.com/	137 KB 39 KB	459ms 458ms	Script application/javascript	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/lang-CONcFstB.js Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/index-DMLC1qu5.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `c77e860cb64dad60791fbffb02cccdacab4e20afcda59ffd7020bf3657cf148e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.telegram-korea.com Referer https://www.telegram-korea.com/index-DMLC1qu5.js Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"22453-1922913a931" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0EcS6vmte6ebisxn21zVIWB4%2FsBo0W8LC%2F9Ds4Ck1Mnr%2Fi93%2FE06S%2BLzeMpsLgeOUESZl8zRy6b9ApMRWrb%2Fbzo5kk6ugXSbEHGW8UawneAWhICk7T3AMrssLpjTIML7FoAtBT3Esnx%2FvYARgTl4iEbujzLs"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff661cc718f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:26 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H3	200	langSign-CN-ja8rh.js Show response www.telegram-korea.com/	2 KB 1 KB	459ms 459ms	Script application/javascript	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/langSign-CN-ja8rh.js Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/index-DMLC1qu5.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `2b3cb7fcd5a7cba31f0932276d0673437bb4d8ba9fcfcc3602ec85ea60458ae4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.telegram-korea.com Referer https://www.telegram-korea.com/index-DMLC1qu5.js Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"66e-1922913a925" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bIN0oDev0rjqMfivhZE5bKpxOBEcW6j%2Bi0POUwlDaU2rVF3HOWgVOtprYKb30pX%2Bmt%2BX0cAtr5Tkux4cwTo7K%2FEZ3jZU73hxMC6DE8i%2BLxseG9RiDf3tXgV50ncXlzXDCKduP8LABYjrJzpQmn4%2BixLAQyHR"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff661cc728f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:26 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H3	200	countries-CzeCvYH8.js Show response www.telegram-korea.com/	24 KB 4 KB	404ms 403ms	Script application/javascript	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/countries-CzeCvYH8.js Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/index-DMLC1qu5.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `6876bde98b3f0c4013107f69f6bf375f60a2807bd79c11592131d9b8bbbb76ae` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.telegram-korea.com Referer https://www.telegram-korea.com/index-DMLC1qu5.js Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"5e21-1922913a931" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wxQQi9jcTlZLxE%2FRDGXjXOnqKFjPe4PS4HuEIBmFki9NGVYjUyoE3kKlDvcrzpVgK7TK%2B7GRkumIL3gLg9v0Ia86UYoSyPkRyQNlkVSXxQKnOq2SJC9ls0HsVbWiBxEPf2r6jgQT4zSZIs1uDwqMURNVvE26"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff661cc738f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:26 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H3	200	pageSignQR-i_bPqard.js Show response www.telegram-korea.com/	5 KB 3 KB	448ms 447ms	Script application/javascript	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/pageSignQR-i_bPqard.js Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/index-DMLC1qu5.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `2345c503eec4e3ba8fe79539e515b295ccbf15c5d9603727a83b526daa9f52a6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.telegram-korea.com Referer Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"15a0-1922913a931" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0l6F6T3%2Fds40S0FLLo9qZlkxNSjyJWlQ3GA92qYTnAMPFpLofNl4FNvD73O%2BzdhpqeXIGhTJ7DGhaNwgAyzud2PK%2B2cRC1s%2F5TmQn37g4Zwxkz6Ed%2BAIcJAW2vQLkJiIZhDKVfx6t4EiqOWYXwAI%2BhWm9N0p"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff664fe298f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:26 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H3	200	page-DmKWDu7K.js Show response www.telegram-korea.com/	10 KB 5 KB	411ms 410ms	Script application/javascript	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/page-DmKWDu7K.js Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/index-DMLC1qu5.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `5f8370930b5ef02148c919cd5390f7366533a1fe0cd68cede7dedcb06345ec11` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.telegram-korea.com Referer Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"290c-1922913a931" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vb9LOtXh6Rtz8zHtqXQ9U09qJEAyat4qBLT9KnqM%2F1ft8sx416EzZelsdO%2F4xXRMNlK%2Fvba6lRDxspm0U6eusu9iADazKjgBb6GJbX32wjpg3hrUWGhkApTQRNKDotVR4QBQo9GdwcdLwyFoTyPGf8pjKzP"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff664fe2b8f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:26 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H3	200	button-DGEknY7a.js Show response www.telegram-korea.com/	9 KB 4 KB	410ms 410ms	Script application/javascript	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/button-DGEknY7a.js Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/index-DMLC1qu5.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `4101120fb6821447034c1fc055e83302d8b6fa1720e6866e918166d1b50f1f87` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.telegram-korea.com Referer Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"241a-1922913a925" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8zZqrz3qlkj3LsMzKKASmPuewuqIYlYT%2BoKoIyp%2BJjDo27IKAmYWPfhbcxDyrIS%2FnGyz0IgdgqA7ac1QtQ1p3n8i0eMJfsmZ%2B42ZrV2TOl2q4Uqras%2B204HV4sXuVjFdgL%2FPrles6qMuXP%2BCtI%2B9MX34bWqH"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff664fe2c8f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:26 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H3	200	putPreloader-BVVFsE2h.js Show response www.telegram-korea.com/	699 B 930 B	406ms 405ms	Script application/javascript	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/putPreloader-BVVFsE2h.js Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/index-DMLC1qu5.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `896c81275720b000056102eb83431fbbf9d4a29cef2cfce009f75bb77b6f3fb1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.telegram-korea.com Referer Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"2bb-1922913a925" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S94VY1K7Mn5C85dLsTYiaGwfr2h8USnf5s3%2F2sBdFel20kxRqnQUFu4pf0i%2FArGFKSRkWYn7eUiZJRFuvkgLowBxqtII2jeWG%2F83E3rY1cNLWg7p8ulop6qpgFyHn%2BYX5R9BvfQz2Gb9%2BLd88Gzn7vdQ%2BPdL"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff664fe2d8f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:26 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H3	200	textToSvgURL-Cnw_Q8Rw.js Show response www.telegram-korea.com/	357 B 769 B	242ms 242ms	Script application/javascript	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/textToSvgURL-Cnw_Q8Rw.js Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/index-DMLC1qu5.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `88ef7b589f467f4a280126e59b5428d5169f80a165500687699209f60ca39998` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.telegram-korea.com Referer Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"165-1922913a925" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9HmALAuYDF6WcVjc9P2aWDPId2YysZHEdg1RZVj21o4Ec%2FWt2sdJgcemalqw7h57sH8QVDpvKhAQUlnFhktcX4AIkPXp83%2Blq5sVZ%2BPZI4mil%2BQqPEgi6HZt%2B%2BLRxqLYBZw0fU3WUtW42vV7Ygo0RwM8FlxS"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff664fe2e8f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:26 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET		c4ef31e5-9933-4bdd-bb8f-d383c17025dd https://www.telegram-korea.com/	0 0

GET		eef9b9c4-becb-45cd-8cd1-b17e13425e35 https://www.telegram-korea.com/	0 0

GET		d99056f1-f60b-444c-8c35-e83a946fdb0f https://www.telegram-korea.com/	0 0

GET H3	200	qr-code-styling-CvBVNv73.js Show response www.telegram-korea.com/	65 KB 17 KB	825ms 824ms	Script application/javascript	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/qr-code-styling-CvBVNv73.js Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/index-DMLC1qu5.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `4d5108399b82641dbf80148c27bb49203d32e211cec1ed139557ceff975c3896` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.telegram-korea.com Referer Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"10251-1922913a931" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fMgnJSG9goM%2FP5IAUOwMlgKBZrlfEhnW3kg22p7GwgrU%2B24xU4yoXhIMWeFuVc00xbHHhmochc5YWpN%2FFzMNrM1WQM78zHQM8Bdhns%2Bi2fvH7E%2BQbQr7luLTVP86VpEsQ0sAuGRXaRRRpuQWHAqJ%2B4Mc82tr"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff667cfd18f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:27 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H3	200	_commonjsHelpers-Cpj98o6Y.js Show response www.telegram-korea.com/	290 B 697 B	403ms 403ms	Script application/javascript	2606:4700:3034::6815:50a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/_commonjsHelpers-Cpj98o6Y.js Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/index-DMLC1qu5.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:50a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `7e898f2560233fe672543bbaffe66542d387208b18f5639cb3050bd75d167e48` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.telegram-korea.com Referer Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"122-1922913a925" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QYPgoOMPtgSUEK3NOd4KEfVGhW39barjs4UIjhOyyxdzL1nK20FZRFTLx3wPW13fnql8twlPSf7TSrrwaTURJF8GxPFxdTHfcg6VbcnQloMSAGR%2Flh%2F2uHIiyqPcT9yz8Fx7yQKF0E81brddeCSo4Rl5DJmx"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff667cfd38f32-FRA access-control-allow-origin * date Sat, 28 Sep 2024 01:29:27 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 25 Sep 2024 12:06:47 GMT
GET H3	200	logo_padded.svg Show response www.telegram-korea.com/assets/img/	1 KB 0	226ms 226ms	Fetch image/svg+xml
General Check archive.org Show headers Download Go to Full URL https://www.telegram-korea.com/assets/img/logo_padded.svg Requested by Host: www.telegram-korea.com URL: https://www.telegram-korea.com/pageSignQR-i_bPqard.js Protocol H3 Server -, , ASN (), Reverse DNS Software cloudflare / Express Resource Hash `eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.telegram-korea.com/ Response headers x-powered-by Express cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"42d-191fce2b690" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2BWxYv%2FvrkhUdzX14OAXex1m8bLW4gG1%2FNgpHGDjKBL4ZFq8lzztW0ut4PRKGdn91LCFTg8dM%2BP62pe7K%2Fm3RWeu02LgiizjCjSVFvyuKI66HCcu4Etqf%2FiKrXZNipfH5Oqo%2BbXAVmt8JWcSB8tj0gGpP%2F5a"}],"group":"cf-nel","max_age":604800} cf-ray 8c9ff671df328f32-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 date Sat, 28 Sep 2024 01:29:28 GMT content-type image/svg+xml last-modified Mon, 16 Sep 2024 22:10:02 GMT server cloudflare vary Accept-Encoding
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.telegram-korea.com
URL: https://www.telegram-korea.com/mtproto.worker-BjeykWvB.js

Domain: www.telegram-korea.com
URL: https://www.telegram-korea.com/crypto.worker-CfCshcpI.js

Domain: www.telegram-korea.com
URL: blob:https://www.telegram-korea.com/c4ef31e5-9933-4bdd-bb8f-d383c17025dd

Domain: www.telegram-korea.com
URL: blob:https://www.telegram-korea.com/eef9b9c4-becb-45cd-8cd1-b17e13425e35

Domain: www.telegram-korea.com
URL: blob:https://www.telegram-korea.com/d99056f1-f60b-444c-8c35-e83a946fdb0f

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.telegram-korea.com
www.telegram-korea.com
2606:4700:3034::6815:50a0
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
2345c503eec4e3ba8fe79539e515b295ccbf15c5d9603727a83b526daa9f52a6
24c7030c50c1045cfefddac2d403f4bb2043b34183f6887f5c88a3e12e0236f9
2b3cb7fcd5a7cba31f0932276d0673437bb4d8ba9fcfcc3602ec85ea60458ae4
4101120fb6821447034c1fc055e83302d8b6fa1720e6866e918166d1b50f1f87
4d5108399b82641dbf80148c27bb49203d32e211cec1ed139557ceff975c3896
55073646800c2dafa80abb6f0fd1dc1cd230b64dafd19496dc12242834294a8a
57d779fd9bab814ca1579053fade7e9150953072d4828aa3585be9e4f43d2619
5f8370930b5ef02148c919cd5390f7366533a1fe0cd68cede7dedcb06345ec11
6876bde98b3f0c4013107f69f6bf375f60a2807bd79c11592131d9b8bbbb76ae
6e97b43a97dc438f6b883caacce54c5af1d30c943390d7e214a793221446c2d0
6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4
7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523
7e898f2560233fe672543bbaffe66542d387208b18f5639cb3050bd75d167e48
86ead3e26c4c85c574719a6fb33c0233cb687c75ab6fd427611cbc32de7bbde4
88ef7b589f467f4a280126e59b5428d5169f80a165500687699209f60ca39998
896c81275720b000056102eb83431fbbf9d4a29cef2cfce009f75bb77b6f3fb1
b03b3dc0a62a367e4a44599862b574fa0cd24d02d6dc8218fdfe4e402fcd1d6a
c77e860cb64dad60791fbffb02cccdacab4e20afcda59ffd7020bf3657cf148e
db66f764c311c8c976601370a59831be1b792fe9535c8f36f7de75334226b071
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4

www.telegram-korea.com Open in urlscan Pro 2606:4700:3034::6815:50a0 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

76 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

284 kBTransfer

1064 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

38 JavaScript Global Variables

0 Cookies

Indicators

www.telegram-korea.com Open in urlscan Pro
2606:4700:3034::6815:50a0 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

76 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

284 kB
Transfer

1064 kB
Size

0
Cookies

25 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!