te-accounts.art Open in urlscan Pro
172.67.178.191 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://te-accounts.art/
Effective URL:
https://te-accounts.art/
Submission: On October 28 via automatic, source openphish (October 28th 2024, 1:11:15 am UTC) — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 22 HTTP transactions. The main IP is 172.67.178.191, located in United States and belongs to CLOUDFLARENET, US. The main domain is te-accounts.art.
TLS certificate: Issued by WE1 on October 25th 2024. Valid for: 3 months.

This is the only time te-accounts.art was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address		AS Autonomous System
13	172.67.178.191 172.67.178.191		13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2

13 172.67.178.191 (United States)

ASN13335 (CLOUDFLARENET, US)

te-accounts.art	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	te-accounts.art te-accounts.art	260 KB
0	telegarams.info Failed ad.telegarams.info Failed
22	2

	Domain	Requested by
13	te-accounts.art	te-accounts.art
0	ad.telegarams.info Failed	te-accounts.art
22	2

This site contains no links.

Subject Issuer	Validity	Valid
te-accounts.art WE1	`2024-10-25` - `2025-01-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://te-accounts.art/
Frame ID: 47D134345D371DFEA316E9805554B1F5
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram Web

Page URL History Show full URLs

http://te-accounts.art/ HTTP 307
https://te-accounts.art/ Page URL

Page Statistics

22
Requests

59 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

260 kB
Transfer

963 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://te-accounts.art/ HTTP 307
https://te-accounts.art/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response te-accounts.art/ Redirect Chain http://te-accounts.art/ https://te-accounts.art/	14 KB 6 KB	575ms 521ms	Document text/html	172.67.178.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.178.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e945aa2be6ee7f4d1ac28ee2381246ca5a27ca3841bb5f8f206c4287174c219c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8d970cdc59b49730-FRA content-encoding br content-type text/html date Mon, 28 Oct 2024 01:11:10 GMT last-modified Sat, 26 Oct 2024 01:41:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TaB6KuvE3Hso%2BKNC%2FTxY45NdLvrA%2F9niQPQpXMt872UrLTEWI6lsDcMX0hKfIA2nojHJvcXzb9kOYertVsX%2Bx7J3an5hRUvTU8Obh5IHiE0otkIKWQz6jYJGyWFu2%2F90exY%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=6631&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4182&recv_bytes=4483&delivery_rate=875&cwnd=12000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=527&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding Redirect headers Location https://te-accounts.art/ Non-Authoritative-Reason HttpsUpgrades
GET H3	200	index-B2gg416Q.js Show response te-accounts.art/	133 KB 53 KB	27ms 27ms	Script application/javascript	172.67.178.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/index-B2gg416Q.js Requested by Host: te-accounts.art URL: https://te-accounts.art/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.178.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `89d604e5f4db2d951dfb426be02fe5db44618f9d89f5ae048e27811e7be97313` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://te-accounts.art Referer https://te-accounts.art/ Response headers content-encoding gzip cf-cache-status HIT etag W/"671c48c2-212d9" age 38077 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zl8l%2F090wvvjI%2By%2BmTOKLM4lO3eVd9zt90gKv5A8q0aKK6cMBWoA3S1vTmFi7xVQ%2Fm1R1kqiJpNlvcxjJPC8vyreOLyPwsyduvux%2B7DEiwhxvDpBpd0V9HnT4rJ%2FcQHFDcs%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 28 Oct 2024 02:36:33 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7713&sent=24&recv=16&lost=0&retrans=0&sent_bytes=10287&recv_bytes=5295&delivery_rate=825800&cwnd=12000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=564&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 28 Oct 2024 01:11:10 GMT content-type application/javascript last-modified Sat, 26 Oct 2024 01:41:22 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d970cdfbade9730-FRA server cloudflare
GET H3	200	index-vX_PR0Tt.css te-accounts.art/	477 KB 104 KB	37ms 37ms	Stylesheet text/css	172.67.178.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/index-vX_PR0Tt.css Requested by Host: te-accounts.art URL: https://te-accounts.art/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.178.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `55073646800c2dafa80abb6f0fd1dc1cd230b64dafd19496dc12242834294a8a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://te-accounts.art Referer https://te-accounts.art/ Response headers content-encoding gzip cf-cache-status HIT etag W/"671c48c2-77466" age 38077 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XTjUkju97sFq8fWB9yqmEi1BoMb87tNUKXV1fddm9DUq%2FUnY7K5Gb9TzjRn9WhZEN88ZcGmUYUXY1%2Fd23fWouSqI2ReBVuQaezV4w3%2B0hzknLX6eYlh6rJPdZoXfYcwpumo%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 28 Oct 2024 02:36:33 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7713&sent=34&recv=16&lost=0&retrans=0&sent_bytes=22287&recv_bytes=5295&delivery_rate=825800&cwnd=12000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=565&x=1", cfExtPri, cfHdrFlush;dur=13 date Mon, 28 Oct 2024 01:11:10 GMT content-type text/css last-modified Sat, 26 Oct 2024 01:41:22 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d970cdfbadf9730-FRA server cloudflare
GET		script.js ad.telegarams.info/	0 0

GET		mtproto.worker-DbUOPmzc.js te-accounts.art/	0 0

GET		crypto.worker-FJ6ARoFe.js te-accounts.art/	0 0

GET DATA	200 OK	truncated /	369 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET H3	200	crypto.worker-FJ6ARoFe.js Show response te-accounts.art/	67 KB 26 KB	18ms 17ms	Fetch application/javascript	172.67.178.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/crypto.worker-FJ6ARoFe.js Requested by Host: te-accounts.art URL: https://te-accounts.art/index-B2gg416Q.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.178.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a6ade34bd434b340e9e58e27712a99422758523ce362ef00c596f8adeb33fe40` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://te-accounts.art/ Response headers content-encoding gzip cf-cache-status HIT etag W/"671c48c2-10d21" age 2923 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9SKsG4bvK9wwpPhE98LgEAnGIdUshBcIGi84GapPDu0RkgBf8dtUhceWv2%2F4fXhItbIj%2BzG6HQ0cF2sA8ksIVVjGRRxOCMTTzeIqKSIxEeVdE4AMXJtsghpdjCiZM4a%2FZYc%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 28 Oct 2024 12:22:27 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16371&sent=163&recv=66&lost=0&retrans=0&sent_bytes=174367&recv_bytes=8024&delivery_rate=2177395&cwnd=114000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=681&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 28 Oct 2024 01:11:10 GMT content-type application/javascript last-modified Sat, 26 Oct 2024 01:41:22 GMT vary Accept-Encoding priority u=1,i cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d970ce07b239730-FRA server cloudflare
GET DATA	200 OK	truncated /	59 B 59 B		Image image/jxl
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/jxl
GET DATA	200 OK	truncated /	311 B 0		Image image/avif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/avif
GET H3	200	favicon.ico te-accounts.art/assets/img/	15 KB 4 KB	523ms 523ms	Other image/x-icon	172.67.178.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/assets/img/favicon.ico?v=jw3mK7G9Ry Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.178.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://te-accounts.art/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"66f774ed-3aee" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CcFbP4JnhVoBy0TD274DRWvYVQPX6g3kXmrM0h8G7Qlkid4LTey8pbjW7svg6eRmXzuNjWVSWSWMJpDtKdJ2%2FBfzSasOxNQBQE5ROIGPhinvrlxv6ZFUrsPciXrYDDzCPKY%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d970ce0cb449730-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=11207&sent=453&recv=101&lost=0&retrans=0&sent_bytes=516689&recv_bytes=10754&delivery_rate=10542&cwnd=204000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=1237&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 28 Oct 2024 01:11:10 GMT content-type image/x-icon last-modified Sat, 28 Sep 2024 03:15:57 GMT vary Accept-Encoding priority u=1,i
GET H3	200	lang-CNYDDQNH.js Show response te-accounts.art/	137 KB 45 KB	514ms 513ms	Script application/javascript	172.67.178.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/lang-CNYDDQNH.js Requested by Host: te-accounts.art URL: https://te-accounts.art/index-B2gg416Q.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.178.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `084e02dc3f7facf0f9744705d2211e97633cc8127ce579a95fa50337e92df665` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://te-accounts.art Referer https://te-accounts.art/index-B2gg416Q.js Response headers content-encoding gzip cf-cache-status REVALIDATED etag W/"671c48c2-2247a" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddM%2BWPTgsKMefPuijrEPLsi4SqJEnjRa%2Fw%2FO3h21Kj1cq0WaEDc%2FlxCznKHcbytvTzfmVAfcs3LqlenEaExXj80rUHx5P%2BjLpTJ4TgnDlfI9uytVrVAWyslQUv%2FNKWmDkSE%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 28 Oct 2024 13:11:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=11207&sent=457&recv=101&lost=0&retrans=0&sent_bytes=520975&recv_bytes=10754&delivery_rate=10542&cwnd=204000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=1237&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 28 Oct 2024 01:11:10 GMT content-type application/javascript last-modified Sat, 26 Oct 2024 01:41:22 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d970ce0db4f9730-FRA server cloudflare
GET H3	200	langSign-CN-ja8rh.js Show response te-accounts.art/	2 KB 1 KB	517ms 515ms	Script application/javascript	172.67.178.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/langSign-CN-ja8rh.js Requested by Host: te-accounts.art URL: https://te-accounts.art/index-B2gg416Q.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.178.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2b3cb7fcd5a7cba31f0932276d0673437bb4d8ba9fcfcc3602ec85ea60458ae4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://te-accounts.art Referer https://te-accounts.art/index-B2gg416Q.js Response headers content-encoding gzip cf-cache-status REVALIDATED etag W/"671c48c2-66e" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=98EyG3oVBrtSN9U9KllfbJ10%2F1Wbd4L2D1VbjEZYcpq%2FuWAPZTptBZOqJs%2F6pZbRYKkmYjC2f96hI%2B%2BpQGsHbtMZHSk9MN4712QP6dTC7a1orvlRa6gGgNdMVRMSu3HMS0c%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 28 Oct 2024 13:11:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=11207&sent=497&recv=101&lost=0&retrans=0&sent_bytes=568080&recv_bytes=10754&delivery_rate=10542&cwnd=204000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=1242&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 28 Oct 2024 01:11:10 GMT content-type application/javascript last-modified Sat, 26 Oct 2024 01:41:22 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d970ce0db519730-FRA server cloudflare
GET H3	200	countries-CzeCvYH8.js Show response te-accounts.art/	24 KB 5 KB	502ms 501ms	Script application/javascript	172.67.178.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/countries-CzeCvYH8.js Requested by Host: te-accounts.art URL: https://te-accounts.art/index-B2gg416Q.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.178.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6876bde98b3f0c4013107f69f6bf375f60a2807bd79c11592131d9b8bbbb76ae` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://te-accounts.art Referer https://te-accounts.art/index-B2gg416Q.js Response headers content-encoding gzip cf-cache-status REVALIDATED etag W/"671c48c2-5e21" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CLRI9jrny6C7ckfl%2FhUKJgIfF9Ne54F1XnLgI5%2BsouZW1DsMgmr%2BeEZ8hNdp5YY7AR3DtTkPziIVmSNnDclbnia1vK56%2BuQibkG0YODuXlKAJJvBoWTohzmaxrY1w9nfKrk%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 28 Oct 2024 13:11:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=11835&sent=448&recv=100&lost=0&retrans=0&sent_bytes=511287&recv_bytes=10709&delivery_rate=15526363&cwnd=204000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=1227&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 28 Oct 2024 01:11:10 GMT content-type application/javascript last-modified Sat, 26 Oct 2024 01:41:22 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d970ce0db529730-FRA server cloudflare
GET		a1f0a7f8-adf7-4bbb-af49-45fcdf7e02ae https://te-accounts.art/	0 0

GET		34c9de3c-2ef4-42ab-a3d1-5ff17bd7777b https://te-accounts.art/	0 0

GET		2cce678b-4290-4dea-b619-5359b00bb72e https://te-accounts.art/	0 0

GET H3	200	pageSignQR-BItd2dzr.js Show response te-accounts.art/	7 KB 4 KB	526ms 525ms	Script application/javascript	172.67.178.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/pageSignQR-BItd2dzr.js Requested by Host: te-accounts.art URL: https://te-accounts.art/index-B2gg416Q.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.178.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7f5c8467ec2817a3a17d525b775669623745134fb621bbcec43199bfe6da5d22` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://te-accounts.art Referer Response headers content-encoding gzip cf-cache-status REVALIDATED etag W/"671c48c2-1b5a" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=95jnwRM2KwYYrl9o21UUIIbOdiS1KPAJcb34mpt2StlImCAQH%2FxnqPuja9iZd2Mf%2ByK%2FlIIx1UeET6BViV4HHYuwILkw%2BWIKvHAHLJJ1KJ0lwIWuj4qIg9kztua%2BVftZFRQ%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 28 Oct 2024 13:11:11 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8999&sent=512&recv=114&lost=0&retrans=0&sent_bytes=581850&recv_bytes=12576&delivery_rate=135292&cwnd=204000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=1820&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 28 Oct 2024 01:11:11 GMT content-type application/javascript last-modified Sat, 26 Oct 2024 01:41:22 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d970ce46cc79730-FRA server cloudflare
GET H3	200	page-BvFW_NiO.js Show response te-accounts.art/	10 KB 5 KB	270ms 269ms	Script application/javascript	172.67.178.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/page-BvFW_NiO.js Requested by Host: te-accounts.art URL: https://te-accounts.art/index-B2gg416Q.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.178.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `acb3fcbeae30796a4818cf0c910e1b3e73682f5baeb91db9d0ca2fef383077a9` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://te-accounts.art Referer Response headers content-encoding gzip cf-cache-status REVALIDATED etag W/"671c48c2-290c" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2s6GLI5%2BFPc0Q4kgOWBUUdd2Z8WyNQazzsLw49xq9qgupGJGsvMnQ4s7aDC5BX7ETbJjVe%2BIgXg3sDChMq3qis9b4jUR%2FcJS%2Fc1O3yBMAzUrs%2FbVCGUodr0duzQCp1o%2BsV0%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 28 Oct 2024 13:11:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=9220&sent=500&recv=112&lost=0&retrans=0&sent_bytes=569672&recv_bytes=12486&delivery_rate=7367948&cwnd=204000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=1565&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 28 Oct 2024 01:11:11 GMT content-type application/javascript last-modified Sat, 26 Oct 2024 01:41:22 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d970ce46cc89730-FRA server cloudflare
GET H3	200	button-DX74WV__.js Show response te-accounts.art/	9 KB 5 KB	521ms 520ms	Script application/javascript	172.67.178.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/button-DX74WV__.js Requested by Host: te-accounts.art URL: https://te-accounts.art/index-B2gg416Q.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.178.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fd23b318c0dcf55e78cacbd07baffcbfe77cb420d31459d881155753d45bd4dd` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://te-accounts.art Referer Response headers content-encoding gzip cf-cache-status REVALIDATED etag W/"671c48c2-241a" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mDMvduoRqByIe4qF4ETy8nB93uWVbNXNdF0qpun%2FBEQ%2BKhXhYVPJybp8oQ65HlmVvmZQWF2ZIqMFrnieUSeRiVKoOZWyhIAbjLZI2uqprIcyuY%2Bb7HtqE%2B7tRo3OGjqEvXQ%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 28 Oct 2024 13:11:11 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8999&sent=507&recv=114&lost=0&retrans=0&sent_bytes=576953&recv_bytes=12576&delivery_rate=135292&cwnd=204000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=1816&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 28 Oct 2024 01:11:11 GMT content-type application/javascript last-modified Sat, 26 Oct 2024 01:41:22 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d970ce46cc99730-FRA server cloudflare
GET H3	200	putPreloader-DtsHJgi2.js Show response te-accounts.art/	699 B 1 KB	499ms 499ms	Script application/javascript	172.67.178.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/putPreloader-DtsHJgi2.js Requested by Host: te-accounts.art URL: https://te-accounts.art/index-B2gg416Q.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.178.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ecea70517c86a2db44bd9de3265ed60a10488dc78c202899ec29be8def218e1e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://te-accounts.art Referer Response headers content-encoding br cf-cache-status REVALIDATED etag W/"671c48c2-2bb" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DAVoOvmdU15l10vdaVgmSD%2BCcBizG4g8a6Etjvv3rx8w7aSXeuO8C8i5GkZqySBeqmPavloWtgl8AsV93z8AyG8daQPA3D%2FRYET2ao4c5qHDY89d74y%2BAMqgvD0J%2FRojBlY%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 28 Oct 2024 13:11:11 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=9086&sent=505&recv=113&lost=0&retrans=0&sent_bytes=574843&recv_bytes=12531&delivery_rate=19301&cwnd=204000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=1794&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 28 Oct 2024 01:11:11 GMT content-type application/javascript last-modified Sat, 26 Oct 2024 01:41:22 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d970ce46cca9730-FRA server cloudflare
GET H3	200	textToSvgURL-Cnw_Q8Rw.js Show response te-accounts.art/	357 B 952 B	518ms 517ms	Script application/javascript	172.67.178.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/textToSvgURL-Cnw_Q8Rw.js Requested by Host: te-accounts.art URL: https://te-accounts.art/index-B2gg416Q.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.178.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `88ef7b589f467f4a280126e59b5428d5169f80a165500687699209f60ca39998` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://te-accounts.art Referer Response headers content-encoding br cf-cache-status REVALIDATED etag W/"671c48c2-165" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Miw6KuVi%2FvmiBT15iHcb6QZekRI1QZu%2FLM5bq9%2B4OCHAw5L98BhcigdQ1poQ3nyidZsYpESp46CA3Fo1ki5liZartt1UPrTKfKnzV2YdpNE7LgLO0bpMC8nj07bMVeWis94%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 28 Oct 2024 13:11:11 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8999&sent=506&recv=114&lost=0&retrans=0&sent_bytes=575978&recv_bytes=12576&delivery_rate=135292&cwnd=204000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=1812&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 28 Oct 2024 01:11:11 GMT content-type application/javascript last-modified Sat, 26 Oct 2024 01:41:22 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d970ce46ccb9730-FRA server cloudflare
GET H3	200	qr-code-styling-CvBVNv73.js Show response te-accounts.art/	65 KB 0	21ms 21ms	Script application/javascript
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/qr-code-styling-CvBVNv73.js Requested by Host: te-accounts.art URL: https://te-accounts.art/index-B2gg416Q.js Protocol H3 Server -, , ASN (), Reverse DNS Software cloudflare / Resource Hash `4d5108399b82641dbf80148c27bb49203d32e211cec1ed139557ceff975c3896` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://te-accounts.art Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"671c48c2-10251" age 27241 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zhca431djWf1u4N%2BkJFzweJYD2b6jxEaKRH7WE3GXNai%2BZjmyb3L0LVjuw6UQdxN5cYI2UM%2BJW%2BkLpZOwpA6lmqLDPi0r14E%2Ft%2FlEXGZI9GwJVzDhgfVYk3Rk7AZ55JWgv4%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 28 Oct 2024 05:37:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8279&sent=517&recv=119&lost=0&retrans=0&sent_bytes=586015&recv_bytes=13357&delivery_rate=998553&cwnd=204000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=1847&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 28 Oct 2024 01:11:11 GMT content-type application/javascript last-modified Sat, 26 Oct 2024 01:41:22 GMT vary Accept-Encoding priority u=1,i cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d970ce7ce059730-FRA server cloudflare
GET H3	200	_commonjsHelpers-Cpj98o6Y.js Show response te-accounts.art/	290 B 0	22ms 22ms	Script application/javascript
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/_commonjsHelpers-Cpj98o6Y.js Requested by Host: te-accounts.art URL: https://te-accounts.art/index-B2gg416Q.js Protocol H3 Server -, , ASN (), Reverse DNS Software cloudflare / Resource Hash `7e898f2560233fe672543bbaffe66542d387208b18f5639cb3050bd75d167e48` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://te-accounts.art Referer Response headers content-encoding br cf-cache-status HIT etag W/"671c48c2-122" age 27241 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3YQ%2Fs5Il%2FNsbJPX3QSks3yZvQuM%2B4He2BCgZIgXb4m3jsAnm1M0gAiSQSOjoYjO1psEqWcWiID64DKFEBS5gnsw4a85n3LrVPzee7velMRCa3AjbGN9FR2wWH1I4KC%2Be4Qs%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 28 Oct 2024 05:37:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8279&sent=534&recv=119&lost=0&retrans=0&sent_bytes=606368&recv_bytes=13357&delivery_rate=998553&cwnd=204000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=1848&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 28 Oct 2024 01:11:11 GMT content-type application/javascript last-modified Sat, 26 Oct 2024 01:41:22 GMT vary Accept-Encoding priority u=1,i cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d970ce7ce069730-FRA server cloudflare
GET H3	200	logo_padded.svg Show response te-accounts.art/assets/img/	1 KB 0	508ms 508ms	Fetch image/svg+xml
General Check archive.org Show headers Download Go to Full URL https://te-accounts.art/assets/img/logo_padded.svg Requested by Host: te-accounts.art URL: https://te-accounts.art/pageSignQR-BItd2dzr.js Protocol H3 Server -, , ASN (), Reverse DNS Software cloudflare / Resource Hash `eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://te-accounts.art/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag W/"66f774ed-42d" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bki3M%2Bp9VMx4j%2FafOhHwLfg4a9RLPoBNk4RWEIDdtzQDgP3ZAgRgF%2F3x4yvBEep4d0pAalSOjuJULustmNV263Fdo2kFMB3mRoo4UkF77HjbQa1LQRX8%2Fhf2a3cAvHp3ze4%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d970cf129b09730-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8290&sent=536&recv=122&lost=0&retrans=0&sent_bytes=607301&recv_bytes=13768&delivery_rate=1349999&cwnd=204000&unsent_bytes=0&cid=5e2dfc759b3cfc71&ts=3841&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 28 Oct 2024 01:11:13 GMT content-type image/svg+xml last-modified Sat, 28 Sep 2024 03:15:57 GMT server cloudflare priority u=1,i vary Accept-Encoding
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.telegarams.info
URL: https://ad.telegarams.info/script.js

Domain: te-accounts.art
URL: https://te-accounts.art/mtproto.worker-DbUOPmzc.js

Domain: te-accounts.art
URL: https://te-accounts.art/crypto.worker-FJ6ARoFe.js

Domain: te-accounts.art
URL: blob:https://te-accounts.art/a1f0a7f8-adf7-4bbb-af49-45fcdf7e02ae

Domain: te-accounts.art
URL: blob:https://te-accounts.art/34c9de3c-2ef4-42ab-a3d1-5ff17bd7777b

Domain: te-accounts.art
URL: blob:https://te-accounts.art/2cce678b-4290-4dea-b619-5359b00bb72e

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ad.telegarams.info/script.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
rendering	warning	URL: https://te-accounts.art/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A030931384040000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.telegarams.info
te-accounts.art
ad.telegarams.info
te-accounts.art
172.67.178.191
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7
084e02dc3f7facf0f9744705d2211e97633cc8127ce579a95fa50337e92df665
2b3cb7fcd5a7cba31f0932276d0673437bb4d8ba9fcfcc3602ec85ea60458ae4
4d5108399b82641dbf80148c27bb49203d32e211cec1ed139557ceff975c3896
55073646800c2dafa80abb6f0fd1dc1cd230b64dafd19496dc12242834294a8a
6876bde98b3f0c4013107f69f6bf375f60a2807bd79c11592131d9b8bbbb76ae
6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4
7e2388ec283fe17472ef02829a93da550af8f3ad4a975f50a0110bff61afe523
7e898f2560233fe672543bbaffe66542d387208b18f5639cb3050bd75d167e48
7f5c8467ec2817a3a17d525b775669623745134fb621bbcec43199bfe6da5d22
88ef7b589f467f4a280126e59b5428d5169f80a165500687699209f60ca39998
89d604e5f4db2d951dfb426be02fe5db44618f9d89f5ae048e27811e7be97313
a6ade34bd434b340e9e58e27712a99422758523ce362ef00c596f8adeb33fe40
acb3fcbeae30796a4818cf0c910e1b3e73682f5baeb91db9d0ca2fef383077a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e945aa2be6ee7f4d1ac28ee2381246ca5a27ca3841bb5f8f206c4287174c219c
ecea70517c86a2db44bd9de3265ed60a10488dc78c202899ec29be8def218e1e
eeb79b0ae5da35d3433de6edeec3a0e3cce9c24f517dbad26ed97e852666c8f4
fd23b318c0dcf55e78cacbd07baffcbfe77cb420d31459d881155753d45bd4dd

te-accounts.art Open in urlscan Pro 172.67.178.191 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

22 Requests

59 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

260 kBTransfer

963 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

30 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

te-accounts.art Open in urlscan Pro
172.67.178.191 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

59 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

260 kB
Transfer

963 kB
Size

0
Cookies

22 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!