URL: https://md5file.com/calculator
Submission Tags: phishing malicious
Submission: On October 10 via api from TG — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2a01:4f8:192:13a7::1, located in Klettgau, Germany and belongs to HETZNER-AS, DE. The main domain is md5file.com.
TLS certificate: Issued by R3 on August 31st 2023. Valid for: 3 months.
This is the only time md5file.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2a01:4f8:192:... 24940 (HETZNER-AS)
11 1

Apex Domain Subdomains Transfer
11 md5file.com md5file.com 800 KB
11 1

Domain Requested by
11 md5file.com md5file.com
11 1

This site contains no links.

Subject Issuer Validity Valid
savefile.me R3 2023-08-31 - 2023-11-29 3 months crt.sh

This page contains 1 frames:

Primary Page: https://md5file.com/calculator
Frame ID: D33E36367E57E1F027EDBE3809C79100
Requests: 11 HTTP requests in this frame

Page Title

WASM File Hash Online Calculator - MD5, SHA1, SHA2 (SHA256), SHA512

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

11
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

800 kB
Transfer

2847 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request calculator
md5file.com/
4 KB
2 KB
Document
General
Full URL
https://md5file.com/calculator
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:192:13a7::1 Klettgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
7dc753dff1fea884887d5cd6e63295c38bfea798c7c08a886f8168e064667aac
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 10 Oct 2023 13:38:15 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx/1.22.0
strict-transport-security
max-age=15724800; includeSubDomains; preload
bootstrap.min.css
md5file.com/v4/css/
216 KB
39 KB
Stylesheet
General
Full URL
https://md5file.com/v4/css/bootstrap.min.css
Requested by
Host: md5file.com
URL: https://md5file.com/calculator
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:192:13a7::1 Klettgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://md5file.com/calculator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:38:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains; preload
content-encoding
gzip
last-modified
Sun, 15 Jan 2023 14:37:18 GMT
server
nginx/1.22.0
etag
W/"63c40f9e-35e6c"
content-type
text/css
md5file.logo.40.png
md5file.com/img/
8 KB
8 KB
Image
General
Full URL
https://md5file.com/img/md5file.logo.40.png
Requested by
Host: md5file.com
URL: https://md5file.com/calculator
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:192:13a7::1 Klettgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
452ba994f7099d35b41c96e8d792d8ad65fdc1ec7e1e019b6ae721f40516b0ac
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://md5file.com/calculator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:38:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains; preload
last-modified
Fri, 14 Dec 2012 13:29:19 GMT
server
nginx/1.22.0
etag
"50cb29af-1f61"
content-type
image/png
accept-ranges
bytes
content-length
8033
popper.min.js
md5file.com/v4/js/
20 KB
8 KB
Script
General
Full URL
https://md5file.com/v4/js/popper.min.js
Requested by
Host: md5file.com
URL: https://md5file.com/calculator
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:192:13a7::1 Klettgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
051a8137b75880006ab58f47778ca713ed6c967130faba043c5cd0ed34517dc8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://md5file.com/calculator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:38:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains; preload
content-encoding
gzip
last-modified
Sun, 15 Jan 2023 14:39:13 GMT
server
nginx/1.22.0
etag
W/"63c41011-4e7f"
content-type
application/javascript
bootstrap.bundle.min.js
md5file.com/v4/js/
79 KB
28 KB
Script
General
Full URL
https://md5file.com/v4/js/bootstrap.bundle.min.js
Requested by
Host: md5file.com
URL: https://md5file.com/calculator
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:192:13a7::1 Klettgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://md5file.com/calculator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:38:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains; preload
content-encoding
gzip
last-modified
Sun, 15 Jan 2023 14:38:19 GMT
server
nginx/1.22.0
etag
W/"63c40fdb-13ad7"
content-type
application/javascript
app.js
md5file.com/v4/js/
4 KB
2 KB
Script
General
Full URL
https://md5file.com/v4/js/app.js
Requested by
Host: md5file.com
URL: https://md5file.com/calculator
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:192:13a7::1 Klettgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
3e751d1eb30cbcd3234f99420563b794f22a95634a2fc004e1cdd41df2b546ed
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://md5file.com/calculator
Origin
https://md5file.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:38:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains; preload
content-encoding
gzip
last-modified
Sat, 21 Jan 2023 12:25:56 GMT
server
nginx/1.22.0
etag
W/"63cbd9d4-11e6"
content-type
application/javascript
main.wasm
md5file.com/v4/wasm/
2 MB
689 KB
Fetch
General
Full URL
https://md5file.com/v4/wasm/main.wasm
Requested by
Host: md5file.com
URL: https://md5file.com/v4/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:192:13a7::1 Klettgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
0e3a882b22234d497ab370b800616a18b69abcf52256f5ac9371a6c1941d1437
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://md5file.com/calculator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:38:15 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains; preload
last-modified
Sat, 21 Jan 2023 10:28:42 GMT
server
nginx/1.22.0
etag
"63cbbe5a-ac084"
content-type
application/wasm
content-length
704644
worker.js
md5file.com/v4/js/
25 KB
6 KB
Other
General
Full URL
https://md5file.com/v4/js/worker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:192:13a7::1 Klettgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
eb859e3f5bd0ddcac6283b288344935f118a9d7430d09b5cab62eb266b79a057
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://md5file.com/calculator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:38:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains; preload
content-encoding
gzip
last-modified
Sat, 21 Jan 2023 10:24:00 GMT
server
nginx/1.22.0
etag
W/"63cbbd40-6367"
content-type
application/javascript
worker.js: three further requests were recorded with details identical to the entry above.

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| check_wasm
object| Popper
number| uidEvent
object| bootstrap

1 Cookies

Domain/Path Name / Value
md5file.com/ Name: lsid
Value: 4p2gno1th2vnhig2hahkalhpiv

4 Console Messages

Source Level URL
Text
worker info URL: https://md5file.com/v4/js/worker.js(Line 608)
Message:
module received from main thread
worker info URL: https://md5file.com/v4/js/worker.js(Line 608)
Message:
module received from main thread
worker info URL: https://md5file.com/v4/js/worker.js(Line 608)
Message:
module received from main thread
worker info URL: https://md5file.com/v4/js/worker.js(Line 608)
Message:
module received from main thread

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload