etelega-internal-work.pics
2606:4700:3031::ac43:af2c - Malicious Activity! - Public Scan

URL: https://etelega-internal-work.pics/
Submission: On November 01 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3031::ac43:af2c, located in United States and belongs to CLOUDFLARENET, US. The main domain is etelega-internal-work.pics.
TLS certificate: Issued by WE1 on November 1st 2024. Valid for: 3 months.
This is the only time etelega-internal-work.pics was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)
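The submission source is certstream-suspicious, i.e. the domain was picked out of the certificate-transparency stream at issuance time because its name resembles a brand. The block below is an added example (not urlscan.io's or certstream's code) of the kind of lookalike scoring such a feed applies to a freshly certified hostname; the brand tokens, the allowlisted brand apexes, the bait-word list, the TLD list and the weights are assumptions chosen for illustration and would be tuned against a real false-positive rate.

```python
"""Lookalike-domain triage of the kind a certstream-suspicious feed performs at issuance time.

Added example, not urlscan.io's or certstream's code. The brand tokens, allowlisted brand
apexes, bait words, TLD list and the weights are assumptions chosen for illustration.
"""
import re
from difflib import SequenceMatcher

BRAND_TOKENS = {"telegram", "telega", "tlgrm"}          # assumption: strings treated as brand references
BRAND_APEXES = {"telegram.org", "telegram.me", "t.me"}   # the brand's own apexes, never flagged
BAIT_WORDS = {"internal", "work", "login", "verify", "secure", "account", "support"}  # assumption
ABUSED_TLDS = {"pics", "xyz", "top", "click", "icu", "cfd", "sbs"}  # assumption: cheap TLDs common in phishing


def labels(domain: str) -> list[str]:
    """Split a hostname into labels on dots, hyphens and underscores."""
    return [part for part in re.split(r"[.\-_]", domain.lower()) if part]


def brand_similarity(domain: str) -> float:
    """Best fuzzy match between any label of the domain and a brand token (0.0 .. 1.0)."""
    best = 0.0
    for label in labels(domain):
        for tok in BRAND_TOKENS:
            ratio = SequenceMatcher(None, label, tok).ratio()
            if tok in label:            # brand token embedded in a longer label, e.g. "etelega"
                ratio = max(ratio, 0.9)
            best = max(best, ratio)
    return best


def lookalike_score(domain: str) -> int:
    """0..100: how strongly a newly certified domain looks like a Telegram phishing candidate."""
    domain = domain.lower().rstrip(".")
    parts = domain.split(".")
    if ".".join(parts[-2:]) in BRAND_APEXES:
        return 0                        # genuine brand infrastructure (web.telegram.org, t.me, ...)
    score = 0
    sim = brand_similarity(domain)
    if sim >= 0.8:
        score += 50
    elif sim >= 0.6:
        score += 25
    score += 10 * len(set(labels(domain)) & BAIT_WORDS)   # "internal", "work", ... beside the brand
    if parts[-1] in ABUSED_TLDS:
        score += 15
    if domain.count("-") >= 2:          # multi-hyphen names are rare for legitimate brand hosts
        score += 5
    return min(score, 100)


if __name__ == "__main__":
    for name in ("etelega-internal-work.pics", "telegram-support.xyz", "web.telegram.org", "example.com"):
        print(f"{name:32} {lookalike_score(name):3d}")
```

With these weights the scanned domain scores 90 (embedded brand token, two bait words, an abused TLD and two hyphens), while the brand's own apexes are allowlisted to 0 so that genuine renewals never page anyone.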

Domain & IP information

IP Address / AS (Autonomous System)
Requests  IP Address         AS
12        2606:4700:303...   13335 (CLOUDFLAR...)
2         2001:67c:4e8:...   62041 (TELEGRAM)
Total: 22 requests, 3 IPs

Apex Domain / Subdomains / Transfer
Requests  Apex Domain                 Subdomains                                  Transfer
12        etelega-internal-work.pics  etelega-internal-work.pics                  479 KB
1         telegram.me                 telegram.me (Cisco Umbrella Rank: 39410)    359 B
1         t.me                        t.me (Cisco Umbrella Rank: 15896)           359 B
Total: 22 requests, 3 apex domains

Domain / Requested by
Requests  Domain                      Requested by
12        etelega-internal-work.pics  etelega-internal-work.pics
1         telegram.me                 etelega-internal-work.pics
1         t.me                        etelega-internal-work.pics
Total: 22 requests, 3 domains

This site contains no links.

Subject                     Issuer                                      Validity                 Valid for
etelega-internal-work.pics  WE1                                         2024-11-01 - 2025-01-30  3 months
*.t.me                      Go Daddy Secure Certificate Authority - G2  2024-10-06 - 2025-11-07  a year
*.telegram.me               Go Daddy Secure Certificate Authority - G2  2024-09-18 - 2025-10-20  a year

This page contains 1 frames:

Primary Page: https://etelega-internal-work.pics/
Frame ID: C661EDB109FF213B9DAA3F3895A25090
Requests: 19 HTTP requests in this frame

Page Title

Telegram

Page Statistics

22 Requests
64 % HTTPS
100 % IPv6
3 Domains
3 Subdomains
3 IPs
2 Countries
480 kB Transfer
912 kB Size
0 Cookies

22 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request (/)  etelega-internal-work.pics/  3 KB  2 KB  Document
General
Full URL
https://etelega-internal-work.pics/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3031::ac43:af2c, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
-
Software
cloudflare
Resource Hash
1f0f0009a97c1ba19b2a9cde6b2078bfb5d31b0acae33a88d2c7652e1230790e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8dbb20149e339e61-CDG
content-encoding
br
content-type
text/html
date
Fri, 01 Nov 2024 10:15:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fhEVoRLA4Tn6mZoofcB8cOJvPpqfXSwLgwVLZkVi0cdkXbW7mELRLWM0CLDYvppZahRdDdxBqu3ePrISs974bRDSmNJaFVLg%2FK1sDaJbtrGSqR%2FwOWTSY29pq2gYn221S5bCbpQjhbpcvH1Fx2kxy2adTkr5uLh9LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=32493&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4179&recv_bytes=4391&delivery_rate=18283&cwnd=12000&unsent_bytes=0&cid=169dbe73f1954a9b&ts=127&x=1" cfExtPri cfHdrFlush;dur=0
redirect.js  etelega-internal-work.pics/  325 B  855 B  Script
General
Full URL
https://etelega-internal-work.pics/redirect.js
Requested by
Host: etelega-internal-work.pics
URL: https://etelega-internal-work.pics/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3031::ac43:af2c, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
-
Software
cloudflare
Resource Hash
375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://etelega-internal-work.pics/

Response headers

content-encoding
br
cf-cache-status
HIT
age
39
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jCysAF1yS4zWBhaBsThUESznRH29fStscvOhwSb6VmrYMyihuuRmmrB%2Buts2PSNGZUgWAimmEa%2Fj68%2FEOPxHA9t8yinVS0ssEC5e%2B6QemllTesoNVLQvsZkXYebXH1wiz8HiyJ0FQgrZOqtiDx9IG%2BRSs%2FiLca5lGg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32391&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5909&recv_bytes=4781&delivery_rate=30253&cwnd=12000&unsent_bytes=0&cid=169dbe73f1954a9b&ts=291&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 10:15:44 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 10:15:05 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dbb20160fe09e61-CDG
access-control-allow-origin
*
server
cloudflare
main.065f618403adeb16d9b8.js  etelega-internal-work.pics/  442 KB  143 KB  Script
General
Full URL
https://etelega-internal-work.pics/main.065f618403adeb16d9b8.js
Requested by
Host: etelega-internal-work.pics
URL: https://etelega-internal-work.pics/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3031::ac43:af2c, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
-
Software
cloudflare
Resource Hash
7423b6c280e05d3cab767103353bb36b11f38f9a2a8dc33a02b7dd4582c8dcd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://etelega-internal-work.pics/

Response headers

content-encoding
br
cf-cache-status
HIT
age
38
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gHwsQle%2BM%2FMXMiWYCH4WKhUDS%2BHa3rjG8qCGz2v5%2BCMi1mT3aIfxqupc8i15oWlAK3HVOSPaCDPwhlm0C9JlzCK26E1hSaWwzDGR7uu7RpVHWuSxmglLWTGlzYHw8VyF3zNbnFHA0k0Gou4t2Pf35RjqhEJLzv2JVA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32428&sent=28&recv=15&lost=0&retrans=0&sent_bytes=18811&recv_bytes=5716&delivery_rate=12738&cwnd=12000&unsent_bytes=0&cid=169dbe73f1954a9b&ts=359&x=1", cfExtPri, cfHdrFlush;dur=15
date
Fri, 01 Nov 2024 10:15:44 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 10:15:06 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dbb201678699e61-CDG
access-control-allow-origin
*
server
cloudflare
main.9ac4c9044b7b428a4db7.css  etelega-internal-work.pics/  110 KB  23 KB  Stylesheet
General
Full URL
https://etelega-internal-work.pics/main.9ac4c9044b7b428a4db7.css
Requested by
Host: etelega-internal-work.pics
URL: https://etelega-internal-work.pics/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3031::ac43:af2c, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
-
Software
cloudflare
Resource Hash
aed7f872e9c4365c0d1339d85d21a0a140ce8ee59c95c89a2c403c60b6e9816e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://etelega-internal-work.pics/

Response headers

content-encoding
br
cf-cache-status
HIT
age
38
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FcAAzMe0WcIAYEGPaCbNFfdGfVNU2lhyWayjwR8rfm7gZVJL8pwT3A%2FVJKMVvAf%2F2W4bRwkNx%2FibokHjFVR5DavvCWxWztHTROPfvSOFPoa9TP0sP6A%2B%2BWT%2B0n9yspD%2FpLeULky2UI0v%2FPpVBrHRwNF76OScg3xUEg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32428&sent=19&recv=15&lost=0&retrans=0&sent_bytes=8384&recv_bytes=5716&delivery_rate=12738&cwnd=12000&unsent_bytes=0&cid=169dbe73f1954a9b&ts=344&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 10:15:44 GMT
content-type
text/css
last-modified
Fri, 01 Nov 2024 10:15:06 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dbb2016786b9e61-CDG
access-control-allow-origin
*
server
cloudflare
compatTest.js  etelega-internal-work.pics/  2 KB  1 KB  Script
General
Full URL
https://etelega-internal-work.pics/compatTest.js
Requested by
Host: etelega-internal-work.pics
URL: https://etelega-internal-work.pics/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3031::ac43:af2c, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
-
Software
cloudflare
Resource Hash
15c24ec2b4cb94f24e66750f09e7071e5659e20a5ed926f69f565e20a81027cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://etelega-internal-work.pics/

Response headers

content-encoding
br
cf-cache-status
HIT
age
38
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FmTU3WAwPLqbHfPkDm1WPRNB8OAEDvWp%2FyxwnHKhRGmICplbD5oO9oyfcMdrP7NfcIuLplzKqRNPM2Jpx4amRO1tB5Lkcqsb5b990q3I5LiOZPpt78q4M2Df3UfKIlGNmuYbdFv5u7o3umba7tSa43MwTAp6PBNcfw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32428&sent=17&recv=15&lost=0&retrans=0&sent_bytes=6811&recv_bytes=5716&delivery_rate=12738&cwnd=12000&unsent_bytes=0&cid=169dbe73f1954a9b&ts=342&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 10:15:44 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 10:15:06 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dbb2016786d9e61-CDG
access-control-allow-origin
*
server
cloudflare
notification.mp3  etelega-internal-work.pics/  11 KB  11 KB  Media
General
Full URL
https://etelega-internal-work.pics/notification.mp3
Requested by
Host: etelega-internal-work.pics
URL: https://etelega-internal-work.pics/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3031::ac43:af2c, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
-
Software
cloudflare
Resource Hash
86093551f5a7f68c7dcac947bd8dc54c6a79dd9a5d83f7e40116d640eb28c7d6

Request headers

Referer
https://etelega-internal-work.pics/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cf-cache-status
HIT
age
36
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GkBSCDOLoOUvIhk66gEwiJw7vU7oNkGTyPkzdukTu8BaaEa9GK3cU5REHh820wQMP6nc6srTXpZLq5yUV8CDb4tjKKVUQ86rmQcTTfv3FhVVCIsefQSsLScTnECGJLGo0LvIfRGjumzW%2Bu4aafVawRE7HXJ4X07Mgw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35517&sent=171&recv=68&lost=0&retrans=0&sent_bytes=182208&recv_bytes=8304&delivery_rate=2567801&cwnd=91200&unsent_bytes=0&cid=169dbe73f1954a9b&ts=563&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 10:15:44 GMT
content-type
audio/mpeg
last-modified
Fri, 01 Nov 2024 10:15:08 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dbb2017d9d69e61-CDG
access-control-allow-origin
*
server
cloudflare
_websync_  t.me/  4 B  359 B  Script
General
Full URL
https://t.me/_websync_?authed=0&version=10.9.17+A
Requested by
Host: etelega-internal-work.pics
URL: https://etelega-internal-work.pics/main.065f618403adeb16d9b8.js
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2001:67c:4e8:f004::9, Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG)
Reverse DNS
-
Software
nginx/1.18.0
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Strict-Transport-Security
max-age=35768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://etelega-internal-work.pics/

Response headers

strict-transport-security
max-age=35768000
cache-control
no-store
content-encoding
gzip
pragma
no-cache
content-length
24
date
Fri, 01 Nov 2024 10:15:44 GMT
content-type
application/json; charset=utf-8
server
nginx/1.18.0
_websync_  telegram.me/  4 B  359 B  Script
General
Full URL
https://telegram.me/_websync_?authed=0&version=10.9.17+A
Requested by
Host: etelega-internal-work.pics
URL: https://etelega-internal-work.pics/main.065f618403adeb16d9b8.js
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2001:67c:4e8:f004::9, Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG)
Reverse DNS
-
Software
nginx/1.18.0
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Strict-Transport-Security
max-age=35768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://etelega-internal-work.pics/

Response headers

strict-transport-security
max-age=35768000
cache-control
no-store
content-encoding
gzip
pragma
no-cache
content-length
24
date
Fri, 01 Nov 2024 10:15:44 GMT
content-type
application/json; charset=utf-8
server
nginx/1.18.0
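Both `_websync_` requests above are made by the page's main bundle (main.065f618403adeb16d9b8.js) to Telegram's own servers, with `Referer: https://etelega-internal-work.pics/`. The `webpackChunktelegram_t` global listed under JavaScript Global Variables and the `version=10.9.17+A` parameter identify that bundle as a build of Telegram Web A, so the phishing page is a hosted copy of the real client, and the copy still phones Telegram to sync login state exactly as the original does. That gives a network detection for such clones: a `/_websync_` hit on t.me or telegram.me whose Referer is not a Telegram Web origin. The block below is an added example of that rule, not urlscan.io's or Telegram's code; the proxy log lines are constructed for the example (Combined Log Format with absolute URLs, as a forward proxy logs them), the allowlist of legitimate Referer hosts is an assumption, and the `authed` value is carried through as-is, its meaning inferred from the parameter name only.

```python
"""Detection: a hosted Telegram Web A clone beacons to t.me/_websync_ from a foreign origin.

Added example, not urlscan.io's or Telegram's code. SAMPLE_LOG is constructed for the
example; LEGIT_REFERER_HOSTS is an assumption to tune for your environment.
"""
import re
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Hosts the Telegram Web client syncs its login state with (both seen in the scan above).
WEBSYNC_HOSTS = {"t.me", "telegram.me"}
WEBSYNC_PATH = "/_websync_"
# Assumption: origins from which the beacon is expected. Anything else is a clone or a proxy.
LEGIT_REFERER_HOSTS = {"web.telegram.org", "webk.telegram.org", "webz.telegram.org"}

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) \S+" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample: two beacons from the phishing origin, one legitimate beacon, one unrelated t.me hit.
SAMPLE_LOG = """\
10.0.0.12 - - [01/Nov/2024:10:15:44 +0000] "GET https://t.me/_websync_?authed=0&version=10.9.17+A HTTP/2" 200 24 "https://etelega-internal-work.pics/" "Mozilla/5.0"
10.0.0.12 - - [01/Nov/2024:10:15:44 +0000] "GET https://telegram.me/_websync_?authed=0&version=10.9.17+A HTTP/2" 200 24 "https://etelega-internal-work.pics/" "Mozilla/5.0"
10.0.0.31 - - [01/Nov/2024:10:16:02 +0000] "GET https://t.me/_websync_?authed=1&version=10.9.17+A HTTP/2" 200 24 "https://web.telegram.org/" "Mozilla/5.0"
10.0.0.31 - - [01/Nov/2024:10:16:05 +0000] "GET https://t.me/examplechannel HTTP/2" 200 1024 "" "Mozilla/5.0"
"""


def parse_line(line: str) -> Optional[dict]:
    """Return the log fields as a dict, or None if the line is not in the expected format."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def websync_alerts(log_text: str) -> list[dict]:
    """Flag /_websync_ beacons whose Referer host is not a known Telegram Web origin."""
    alerts = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        u = urlsplit(rec["url"])
        if u.hostname not in WEBSYNC_HOSTS or u.path != WEBSYNC_PATH:
            continue
        ref_host = urlsplit(rec["referer"]).hostname if rec["referer"] else None
        if ref_host in LEGIT_REFERER_HOSTS:
            continue
        q = parse_qs(u.query)
        alerts.append({
            "src": rec["src"],
            "beacon_host": u.hostname,
            "referer_host": ref_host,              # the suspected clone origin (or None if stripped)
            "authed": q.get("authed", [""])[0],    # assumption: "1" from a clone would suggest a completed login
            "version": q.get("version", [""])[0],  # clone's client version, useful for clustering
        })
    return alerts


if __name__ == "__main__":
    for alert in websync_alerts(SAMPLE_LOG):
        print(alert)
```

A missing Referer is deliberately not allowlisted: the beacon is a same-site fetch from the real client, so a stripped Referer is itself worth a look rather than a reason to suppress the alert.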
5193.277e1fb9e38cc39cf421.js  etelega-internal-work.pics/  18 KB  7 KB  Script
General
Full URL
https://etelega-internal-work.pics/5193.277e1fb9e38cc39cf421.js
Requested by
Host: etelega-internal-work.pics
URL: https://etelega-internal-work.pics/main.065f618403adeb16d9b8.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3031::ac43:af2c, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
-
Software
cloudflare
Resource Hash
25ddefde4a069a17defc563b5fb2258795c1af6bd73b1afda2c2529db8be58c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://etelega-internal-work.pics/

Response headers

content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cl7B1%2BQAornVP2SYEMT8rHPjxGeDeTMp2ZFHSiDiMgH7I4R%2B3DOcbZeyl1NSpsDH1DLtdjc%2B9hsXkD%2BqV03RM0g%2BuvbwAxuC0f5aqpshUUUn3dmUmXzfCq9Bxpcq2%2BcEDwI81%2ByjSuGxPALi5dxklOrKuNv5zLcs1A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34688&sent=189&recv=76&lost=0&retrans=0&sent_bytes=198686&recv_bytes=10376&delivery_rate=66798&cwnd=91200&unsent_bytes=0&cid=169dbe73f1954a9b&ts=671&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 10:15:44 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 10:15:44 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dbb20181a2a9e61-CDG
access-control-allow-origin
*
server
cloudflare
chat-bg-br.f34cc96fbfb048812820.png  etelega-internal-work.pics/  2 KB  3 KB  Image
General
Full URL
https://etelega-internal-work.pics/chat-bg-br.f34cc96fbfb048812820.png
Requested by
Host: etelega-internal-work.pics
URL: https://etelega-internal-work.pics/main.9ac4c9044b7b428a4db7.css
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3031::ac43:af2c, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
-
Software
cloudflare
Resource Hash
3151f7930d821bccf4a76cbbe4a3533e2b56bdff696f260c864ab639ac7526ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://etelega-internal-work.pics/main.9ac4c9044b7b428a4db7.css

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=trrqjeegQ%2F%2FBodmoOhtxz5EqHxpIQT1gL9eLtBn1bFwiDvd3PMoTHnSjptYXHbkufM6XThmAcWsy4aSszjcb7EHxyOCH2kzpq%2B8eZSgwx%2F07eq7jiZYoCxSCLNErrBnSAm%2BHHMGbGCJc3Asxrs3kTvQYZE%2FdUlkOLg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
cf-ray
8dbb20182a2f9e61-CDG
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34688&sent=196&recv=76&lost=0&retrans=0&sent_bytes=206106&recv_bytes=10376&delivery_rate=66798&cwnd=91200&unsent_bytes=0&cid=169dbe73f1954a9b&ts=671&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 10:15:44 GMT
content-type
image/png
last-modified
Fri, 01 Nov 2024 10:15:44 GMT
vary
Accept-Encoding
priority
u=3,i
chat-bg-pattern-light.ee148af944f6580293ae.png  etelega-internal-work.pics/  266 KB  267 KB  Image
General
Full URL
https://etelega-internal-work.pics/chat-bg-pattern-light.ee148af944f6580293ae.png
Requested by
Host: etelega-internal-work.pics
URL: https://etelega-internal-work.pics/main.9ac4c9044b7b428a4db7.css
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3031::ac43:af2c, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
-
Software
cloudflare
Resource Hash
00745db819d91c37bf0f59bee00ab2efe9766fddcb726ff1bcb6847748b2bbc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://etelega-internal-work.pics/main.9ac4c9044b7b428a4db7.css

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=saILne5CAIXpIWQ4ppOEiTDEkQgGkV0hBgpkWLxVwJPjGhmUes2CHVMP7u6YMRWRTGoYicW4iRqiU9W6WVf5tKnt%2FpJ2iWiaPyBHKhhH%2BWSEK8uLJGwCKgzwMD%2FkOMRFEytM9bPAnfgU3O2DSM3iMHT1u%2B%2B4lni9ww%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
cf-ray
8dbb20182a329e61-CDG
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34688&sent=199&recv=76&lost=0&retrans=0&sent_bytes=208768&recv_bytes=10376&delivery_rate=66798&cwnd=91200&unsent_bytes=0&cid=169dbe73f1954a9b&ts=697&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 10:15:44 GMT
content-type
image/png
last-modified
Fri, 01 Nov 2024 10:15:44 GMT
vary
Accept-Encoding
priority
u=3,i
truncated  /  307 B  0  Image
General
Full URL
data:truncated
Protocol
DATA
Server
-
Reverse DNS
-
Software
-
Resource Hash
1e253d3f513bbf831c7e7da3e513cf8d4177f7f398c1fad87809d393a58c1697

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
-

Response headers

Content-Type
image/svg+xml
7283.fffaae54cb7b28e809f3.js  etelega-internal-work.pics/  45 KB  14 KB  Script
General
Full URL
https://etelega-internal-work.pics/7283.fffaae54cb7b28e809f3.js
Requested by
Host: etelega-internal-work.pics
URL: https://etelega-internal-work.pics/main.065f618403adeb16d9b8.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3031::ac43:af2c, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
-
Software
cloudflare
Resource Hash
657fa988f8a02e03d27ae00a691a8e3c7c95268c9b960ebe515e4a5153e0e838

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://etelega-internal-work.pics/

Response headers

content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SU7n7Gzh5K8awRM4k1CxhPnoArwbEuP5TWdIiAdTOaiXkLcGHCCWGJFJRNR2VLq7CIRgZaaiTCrSb2wRdTz2T6gg2LHJRJFjKwHdTyFN56SKezSYeU8TjF5aUfaMqQ9rooqSarGSiof%2FBUeZqKpG5z8eQ%2BXzMWzDMg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34416&sent=227&recv=78&lost=0&retrans=0&sent_bytes=240967&recv_bytes=10745&delivery_rate=277952&cwnd=91200&unsent_bytes=0&cid=169dbe73f1954a9b&ts=704&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 10:15:44 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 10:15:44 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dbb20183a459e61-CDG
access-control-allow-origin
*
server
cloudflare
6708.457f852af5d5245dd736.js  etelega-internal-work.pics/  11 KB  4 KB  Script
General
Full URL
https://etelega-internal-work.pics/6708.457f852af5d5245dd736.js
Requested by
Host: etelega-internal-work.pics
URL: https://etelega-internal-work.pics/main.065f618403adeb16d9b8.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3031::ac43:af2c, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
-
Software
cloudflare
Resource Hash
b8f7d33d4ae2a6d7370fa8cee5abb7365cbd6f265073e02c64ffe3ee744beb26

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://etelega-internal-work.pics/

Response headers

content-encoding
br
cf-cache-status
HIT
age
34
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wP%2FkQiS%2FeoO1SihA6CoXLLV9Un4PgKKSjORLRo%2F%2F4ffcaRqSXO9SuwtWztg95Kp4%2Finu%2B55Z34aQ23EapSm9wdlfHV2DAnQLjWADEE0%2FZ6v8%2BEQBW%2BwZ3ma3qDuYOHybEVb%2F8CcXYm1TYrBYtYZ2rFP5NXC9ol%2FlYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35075&sent=184&recv=74&lost=0&retrans=0&sent_bytes=194078&recv_bytes=10006&delivery_rate=288642&cwnd=91200&unsent_bytes=0&cid=169dbe73f1954a9b&ts=625&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 10:15:44 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 10:15:10 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dbb20183a479e61-CDG
access-control-allow-origin
*
server
cloudflare
9722.c7f44ea5b4a304dab8f1.js  etelega-internal-work.pics/  0  0  (no response; listed under Failed requests below)
9722.c7f44ea5b4a304dab8f1.js  etelega-internal-work.pics/  0  0  (no response; listed under Failed requests below)
9722.c7f44ea5b4a304dab8f1.js  etelega-internal-work.pics/  0  0  (no response; listed under Failed requests below)
9722.c7f44ea5b4a304dab8f1.js  etelega-internal-work.pics/  0  0  (no response; listed under Failed requests below)
3559.6c8b71d0e8cb5e9f64d3.js  etelega-internal-work.pics/  0  0  (no response; listed under Failed requests below)
favicon.ico  etelega-internal-work.pics/  2 KB  3 KB  Other
General
Full URL
https://etelega-internal-work.pics/favicon.ico
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3031::ac43:af2c, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
-
Software
cloudflare
Resource Hash
504b4621e486970f8c1721d5297561c9f33296f516c83fbb33a0ff3f4f7c1357

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://etelega-internal-work.pics/

Response headers

content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=olo89JYVWqtBn08Nh79SlsTqqE2LJEd2lAQJeObtsHlrhI9Lv1EQNt7%2Ft8sRTE3OrF3Z7o4TuAKoSuxdVv%2F%2FAzgAXu2TN3YC3cQFdAPALPta3vvF9%2Fqajmb7TvS4VnIVz43IjWhVUrOmTK0j4lMJQPP%2FqZ4VDMX%2FzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35343&sent=591&recv=121&lost=0&retrans=0&sent_bytes=667964&recv_bytes=13594&delivery_rate=2808769&cwnd=187200&unsent_bytes=0&cid=169dbe73f1954a9b&ts=925&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 10:15:44 GMT
content-type
image/vnd.microsoft.icon
last-modified
Fri, 01 Nov 2024 10:15:44 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dbb2019cc059e61-CDG
access-control-allow-origin
*
server
cloudflare
blank.8dd283bceccca95a48d8.png  etelega-internal-work.pics/  68 B  0  Image
General
Full URL
https://etelega-internal-work.pics/blank.8dd283bceccca95a48d8.png
Protocol
H3
Server
-
Reverse DNS
-
Software
cloudflare
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://etelega-internal-work.pics/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MXrRBBe1urjpXn336ulmdxGryoUvU8wqMGgLXLI9arzelYIvzTtnaqQKqOPXYvZ1J5dZ1%2Fqnez8GFLC0FnY8qHI6MUxnEOksWWsbUO%2BbA5%2FOKKK8AHxMbn2fBofmwCdFI%2BsErr4A2MqJLEMbRqT4kxWM%2BC2XKzpZQw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
cf-ray
8dbb202cd9809e61-CDG
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32826&sent=1730&recv=250&lost=0&retrans=0&sent_bytes=1854908&recv_bytes=23920&delivery_rate=4038489&cwnd=193200&unsent_bytes=0&cid=169dbe73f1954a9b&ts=3970&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 10:15:48 GMT
content-type
image/png
last-modified
Fri, 01 Nov 2024 10:15:48 GMT
server
cloudflare
priority
u=3,i
vary
Accept-Encoding
blank.8dd283bceccca95a48d8.png  etelega-internal-work.pics/  0  0  Fetch
General
Full URL
https://etelega-internal-work.pics/blank.8dd283bceccca95a48d8.png
Requested by
Host: etelega-internal-work.pics
URL: https://etelega-internal-work.pics/7283.fffaae54cb7b28e809f3.js
Protocol
H3
Server
-
Reverse DNS
-
Software
cloudflare
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://etelega-internal-work.pics/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MXrRBBe1urjpXn336ulmdxGryoUvU8wqMGgLXLI9arzelYIvzTtnaqQKqOPXYvZ1J5dZ1%2Fqnez8GFLC0FnY8qHI6MUxnEOksWWsbUO%2BbA5%2FOKKK8AHxMbn2fBofmwCdFI%2BsErr4A2MqJLEMbRqT4kxWM%2BC2XKzpZQw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
cf-ray
8dbb202cd9809e61-CDG
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32826&sent=1730&recv=250&lost=0&retrans=0&sent_bytes=1854908&recv_bytes=23920&delivery_rate=4038489&cwnd=193200&unsent_bytes=0&cid=169dbe73f1954a9b&ts=3970&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 10:15:48 GMT
content-type
image/png
last-modified
Fri, 01 Nov 2024 10:15:48 GMT
server
cloudflare
priority
u=3,i
vary
Accept-Encoding
blank.8dd283bceccca95a48d8.png  etelega-internal-work.pics/  0  0  Fetch
General
Full URL
https://etelega-internal-work.pics/blank.8dd283bceccca95a48d8.png
Requested by
Host: etelega-internal-work.pics
URL: https://etelega-internal-work.pics/7283.fffaae54cb7b28e809f3.js
Protocol
H3
Server
-
Reverse DNS
-
Software
cloudflare
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://etelega-internal-work.pics/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MXrRBBe1urjpXn336ulmdxGryoUvU8wqMGgLXLI9arzelYIvzTtnaqQKqOPXYvZ1J5dZ1%2Fqnez8GFLC0FnY8qHI6MUxnEOksWWsbUO%2BbA5%2FOKKK8AHxMbn2fBofmwCdFI%2BsErr4A2MqJLEMbRqT4kxWM%2BC2XKzpZQw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
cf-ray
8dbb202cd9809e61-CDG
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32826&sent=1730&recv=250&lost=0&retrans=0&sent_bytes=1854908&recv_bytes=23920&delivery_rate=4038489&cwnd=193200&unsent_bytes=0&cid=169dbe73f1954a9b&ts=3970&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 01 Nov 2024 10:15:48 GMT
content-type
image/png
last-modified
Fri, 01 Nov 2024 10:15:48 GMT
server
cloudflare
priority
u=3,i
vary
Accept-Encoding
truncated  /  68 B  0  Image
General
Full URL
data:truncated
Protocol
DATA
Server
-
Reverse DNS
-
Software
-
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
-

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain                      URL
etelega-internal-work.pics  https://etelega-internal-work.pics/9722.c7f44ea5b4a304dab8f1.js
etelega-internal-work.pics  https://etelega-internal-work.pics/9722.c7f44ea5b4a304dab8f1.js
etelega-internal-work.pics  https://etelega-internal-work.pics/9722.c7f44ea5b4a304dab8f1.js
etelega-internal-work.pics  https://etelega-internal-work.pics/9722.c7f44ea5b4a304dab8f1.js
etelega-internal-work.pics  https://etelega-internal-work.pics/3559.6c8b71d0e8cb5e9f64d3.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function  compatTest
boolean   isCompatTestPassed
object    webpackChunktelegram_t

0 Cookies

8 Console Messages

Source  Level  URL  Text
worker warning URL: https://etelega-internal-work.pics/rlottie-wasm.f013598f1b2ba719f25e.js
Message:
wasm streaming compile failed: TypeError: Failed to execute 'compile' on 'WebAssembly': Incorrect response MIME type. Expected 'application/wasm'.
worker warning URL: https://etelega-internal-work.pics/rlottie-wasm.f013598f1b2ba719f25e.js
Message:
falling back to ArrayBuffer instantiation
worker warning URL: https://etelega-internal-work.pics/rlottie-wasm.f013598f1b2ba719f25e.js
Message:
wasm streaming compile failed: TypeError: Failed to execute 'compile' on 'WebAssembly': Incorrect response MIME type. Expected 'application/wasm'.
worker warning URL: https://etelega-internal-work.pics/rlottie-wasm.f013598f1b2ba719f25e.js
Message:
falling back to ArrayBuffer instantiation
worker warning URL: https://etelega-internal-work.pics/rlottie-wasm.f013598f1b2ba719f25e.js
Message:
wasm streaming compile failed: TypeError: Failed to execute 'compile' on 'WebAssembly': Incorrect response MIME type. Expected 'application/wasm'.
worker warning URL: https://etelega-internal-work.pics/rlottie-wasm.f013598f1b2ba719f25e.js
Message:
falling back to ArrayBuffer instantiation
worker warning URL: https://etelega-internal-work.pics/rlottie-wasm.f013598f1b2ba719f25e.js
Message:
wasm streaming compile failed: TypeError: Failed to execute 'compile' on 'WebAssembly': Incorrect response MIME type. Expected 'application/wasm'.
worker warning URL: https://etelega-internal-work.pics/rlottie-wasm.f013598f1b2ba719f25e.js
Message:
falling back to ArrayBuffer instantiation