downloadws.com Open in urlscan Pro
2606:4700:3037::ac43:db2b  Malicious Activity! Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response downloadws.com/	22 KB 7 KB	485ms 435ms	Document text/html	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/ Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 369f663a707b170ebfeef702117983772857c303937fe417907f666453ca96cc Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 831ab465eed003e4-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html Date Thu, 07 Dec 2023 06:27:46 GMT Last-Modified Sat, 14 Jan 2023 09:17:23 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1Yb4qbH1t4Ylf6A51FwLb0vVa2cOzjyH85qVuvKXM3ki4LcT5ixa39qPvx2p05a0S6LYF52dfV9MooGPyoSISxUjG%2F%2BYiiBpvPfcOASKwD8XOfBQb4UjOWuk3Co%2FhrN31veiI%2B3az2DUur92Q%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding X-Powered-By ASP.NET alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	C2fHuK6eV5E.css downloadws.com/download_files/	7 KB 3 KB	473ms 434ms	Stylesheet text/css	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/download_files/C2fHuK6eV5E.css Requested by Host: downloadws.com URL: http://downloadws.com/ Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 5d25fc039de768564d39bedbd355926f6612dcf06d40ade793709502ea296d8a Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:47 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 2175 Last-Modified Thu, 08 Dec 2022 06:42:25 GMT Server cloudflare ETag "c822643bd0ad91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQOn3rTbNKCmGmmpMdXINY7kuVHCXRgvlZ%2BEpShMlKS%2BO07LGlVWpfa%2FBnEBZK5%2FW2teXQScpUhAFKkebhIo%2FJLNwLwzUQfgxBjqsEeMLXVMMpGRXpYCGfE6S94rAwrDgJOgPPUpe3eL3a3NIA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab468e8f71e4f-FRA
GET H/1.1	200 OK	J7ci6KkN4Io.css downloadws.com/download_files/	170 KB 42 KB	1061ms 1022ms	Stylesheet text/css	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/download_files/J7ci6KkN4Io.css Requested by Host: downloadws.com URL: http://downloadws.com/ Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 6c0cd3ab0d50f2afffd5bee8b72e2aa34adce64bceedb311ccd3c7bc9c8a04da Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:47 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 42605 Last-Modified Sat, 14 Jan 2023 04:07:23 GMT Server cloudflare ETag "b4b3beb4cd27d91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ONC9SQ04Hk%2BWDpruPn4fi%2F%2FrxxMmJdvLTSRqxDoqejbImJ4n%2FM2yDUsblXYRteZ9%2BZuAp7ug1bSIFx5fuW4vRNU56%2F6sa1%2BlOj42fWPu7%2FEMzI1NyV16xJP59pZ7Wx4%2BCUg03j0Mh0uXYZ%2Fjw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab468ec0c2c75-FRA
GET H/1.1	200 OK	bvgAvxUnJO-.css downloadws.com/download_files/	6 KB 3 KB	508ms 469ms	Stylesheet text/css	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/download_files/bvgAvxUnJO-.css Requested by Host: downloadws.com URL: http://downloadws.com/ Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash fc0821fb923a586e97a0581c6490cd08b1784b98f77b026fbefe93c32960684e Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:47 GMT Content-Encoding gzip CF-Cache-Status REVALIDATED NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 2438 Last-Modified Thu, 08 Dec 2022 06:42:25 GMT Server cloudflare ETag "3d85663bd0ad91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqnEvXpbGEoj%2Fo0F6Fvn9Tp1aoTINy6zbUheXffHA%2F8Ns7Gdt8Y6RO9CVvEHvPJcnpxUURSPkdz3xmQSU3AGPddQH5tuS%2Bet5qeoy7JfQcUmz2x00Lu7UlKq8TFV1x%2B2pR1bkbiJrKFHpAnzrQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab468ee515da0-FRA
GET H/1.1	200 OK	28bZN702Ikw.css downloadws.com/download_files/	761 B 1 KB	500ms 461ms	Stylesheet text/css	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/download_files/28bZN702Ikw.css Requested by Host: downloadws.com URL: http://downloadws.com/ Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 0c6db3f25cef9d302542b41e0ed51aa8a7df470c38568a44606ee5ddfb0f9079 Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:47 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 455 Last-Modified Thu, 08 Dec 2022 06:42:25 GMT Server cloudflare ETag "c822643bd0ad91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQYiBGMVFTI7CnmQ4qphn2NV4WAuWxJX8a9g%2FGS9StHh3X%2Bq8RXwjb4ThHGj8nA%2F90LhkTsj2vEzheiyrdXbJOZXHe4mOn5Wn%2FAMtYVp8hhTqVVpEaqMIdjtJFFrQfBZn6U5QjUJqfAEYkvNXQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab468e8f439d3-FRA
GET H/1.1	200 OK	7oaIa_tDt95.css downloadws.com/download_files/	4 KB 2 KB	476ms 437ms	Stylesheet text/css	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/download_files/7oaIa_tDt95.css Requested by Host: downloadws.com URL: http://downloadws.com/ Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e907e05202aafde1448bab14aa73d43f4eb96b109fe1dd8db39bafe9c6059487 Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:47 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 1701 Last-Modified Thu, 08 Dec 2022 06:42:25 GMT Server cloudflare ETag "c822643bd0ad91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYS92GVWOalQhdoQADi%2FoRvnEh0v59RqO7XW2m%2BVvmS2DMSgAnUSOnM7%2FasktZVowT9q3ozhv2H3Jspya58GYE%2Fqj7fhy7fx6HGUUbHoOP8u4d3TMgEJ7LvpKB%2FKBqAz6VjlIMQ4QUNPH%2BPQqA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab468ec1d2bd5-FRA
GET H/1.1	200 OK	36B424nhiL4.svg downloadws.com/download_files/	9 KB 4 KB	614ms 432ms	Image image/svg+xml	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://downloadws.com/download_files/36B424nhiL4.svg Requested by Host: downloadws.com URL: http://downloadws.com/ Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 708f4f787db19dcb4cca817e1c38fba2baf0216b092c90d59648464791d57abb Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:47 GMT Content-Encoding gzip CF-Cache-Status REVALIDATED NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Thu, 08 Dec 2022 06:42:25 GMT Server cloudflare ETag W/"c822643bd0ad91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouwnjZxrZONcZ%2FegMB8IHx4yNI2Q6pyAySLrz7OhgxJ4gBtNdGQQwBrdfDky6oegAKNot9jNhU4gPxfsF%2BOkZmshSSf2fXok%2FoJuqaY57UGePoai57xT5ZKJEJuTRVyAbBXL4SwAjBcmupU3NQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Cache-Control max-age=14400 CF-RAY 831ab469cb6d03e4-FRA
GET H/1.1	200 OK	lOol7j-zq4u.svg downloadws.com/download_files/	3 KB 2 KB	453ms 453ms	Image image/svg+xml	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://downloadws.com/download_files/lOol7j-zq4u.svg Requested by Host: downloadws.com URL: http://downloadws.com/ Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 533ef6670e3d9c0e44718d0afa43f2edda11b58586e9da4e8f621145cf84d4d2 Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:47 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Thu, 08 Dec 2022 06:42:25 GMT Server cloudflare ETag W/"a2e7683bd0ad91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWYiRNamwgR6y9hik2w7ef5SRSYvaJaqmCkbcJBsXGCO1ohnFjrj%2FdgQY1iIX4Ayn5mAULoOSHFuAnSpcToshhSvLl%2BGo5Dz%2Fku8ne8auA%2Buz6XxeSmhRA%2F24R43xbtvotN2hRJMw8DHKyAbWw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Cache-Control max-age=14400 CF-RAY 831ab46bae952bd5-FRA
GET H/1.1	200 OK	img14.png downloadws.com/download_files/	22 KB 22 KB	816ms 816ms	Image image/png	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://downloadws.com/download_files/img14.png Requested by Host: downloadws.com URL: http://downloadws.com/ Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 736ec0b63c70e29a0dad38ffb5a2f40c1b66062ac2e31ee4c21e43f2890b00e2 Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:47 GMT CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 22083 Last-Modified Thu, 08 Dec 2022 06:42:25 GMT Server cloudflare ETag "a2e7683bd0ad91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovSGbAEbtw4ydv8OFS8wRx4xfarT5Omhblu7cdlNbBoIPvCQbhkDCTrCLTBSdd4f5jOW6uL5OXPhWHAoYrAkDzTgrSZyGI84SMP1ZjFqt83f2VwOQhnsQd9%2F7RgA4tyJbDyY7oZYjtpPXijwXw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab46bcbef39d3-FRA
GET H/1.1	200 OK	img15.png downloadws.com/download_files/	22 KB 22 KB	804ms 804ms	Image image/png	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://downloadws.com/download_files/img15.png Requested by Host: downloadws.com URL: http://downloadws.com/ Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash cd899e99d525898009bc4673d29cf38ebdc2ddc6d14bd7263f2c53e322ef2ef4 Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:47 GMT CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 22023 Last-Modified Thu, 08 Dec 2022 06:42:25 GMT Server cloudflare ETag "a2e7683bd0ad91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A380jFduaj92sSKtvDfVcB5NzTIALn7MnTwWLj3BEULbcT7LVFrw0L5qx7Ity1%2FlzAmgshY5p51QzEO5qt%2F2HN%2FPOEijVknvMV7fgMni1pH%2BaccgtUSofN%2FmFyNrBLC26NgCoJXr8u8aaz3sSA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab46bd8a65da0-FRA
GET H/1.1	200 OK	img13.png downloadws.com/download_files/	180 KB 181 KB	432ms 432ms	Image image/png	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://downloadws.com/download_files/img13.png Requested by Host: downloadws.com URL: http://downloadws.com/ Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 5e6fe7b4e4981959699752f4dc6ba27d8994ffcb94fbaa32b3f575e89c635347 Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:47 GMT CF-Cache-Status REVALIDATED NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 184744 Last-Modified Thu, 08 Dec 2022 06:42:25 GMT Server cloudflare ETag "a2e7683bd0ad91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vo5v%2BNdWtCiWv8lw%2BcEGgbCnOyFVV7LYFoZ3XDzVvbMDwS5szwAMGd62%2BAqukSMkGO6ivPa55KSeZwErjUp5pb%2Fi5WOubA3i53gJEWlUVBb2ZGyx3hRtywrgnCRkJWcNKO5XbJJwG6BVLy1MJA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab46c8ec803e4-FRA
GET H/1.1	200 OK	download.js Show response downloadws.com/js/	3 KB 2 KB	746ms 456ms	Script application/javascript	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/js/download.js Requested by Host: downloadws.com URL: http://downloadws.com/ Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 8df584b0c50b77646069e28266b7a6913c87236bf20480a5b01813534901b91f Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:47 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 1235 Last-Modified Sat, 15 Jul 2023 10:40:21 GMT Server cloudflare ETag "e12619c18b7d91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcMal7%2Btzgda7v8u%2FWEgn59nvqz%2FFt%2Bkiu9rYCew1CFVjtybPipGD1L1r%2BF5MCAISXp5YgDfRthNd%2Fx3FURvR1vwQaHdQwOabM6w5pEiyUZa7oRL8XNiEjPlne8in4jzHoN%2BwfCaJvp5o3Eqsw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab46b9d021e4f-FRA
GET H/1.1	200 OK	config.js Show response downloadws.com/js/	360 B 1 KB	437ms 437ms	Script application/javascript	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/js/config.js Requested by Host: downloadws.com URL: http://downloadws.com/js/download.js Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e9885f72beec80104d584000fea488790bd8c910793bfb3879dc85c2fc54d98b Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:48 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 316 Last-Modified Sat, 14 Jan 2023 03:17:24 GMT Server cloudflare ETag "9491bab8c627d91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4Nt7VXJ8qhD0FdL5DaP0YE9JTYm0EeH1D9vWoKrnElmNZz%2BGxkPmwP7agUP8rhUyRRxwXWdhqRft77x86FRmD9D82RO2szoQpTwJTWAITmxYsVY7bSViJXHvnij5X6w7WsurQ6rnE8s3uqIug%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab46f59c82c75-FRA
GET H/1.1	200 OK	dev.js Show response downloadws.com/js/downloadlist/	604 B 1 KB	462ms 461ms	Script application/javascript	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/js/downloadlist/dev.js Requested by Host: downloadws.com URL: http://downloadws.com/js/download.js Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash b741095b4dd61c5dbf010564980af5877e613f65df34a31436e570a4e3e7fea6 Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:48 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 515 Last-Modified Fri, 19 May 2023 09:07:23 GMT Server cloudflare ETag "184f2153318ad91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDJRmoJajOxAhP%2BRl2GzQLxiRtDo27h0%2FVq3N4j%2B5GFUmSJygIiHtAg7vpmrZ2uRuHGYzvB5yju2ZNLjy507ZV6wvlXZbPknWuucI5xfaxRQ9QUyw7Yas%2BF5ve7W5LSW5CoNikCPkNZtKGTAOw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab4721c752c75-FRA
GET H/1.1	200 OK	t117.js Show response downloadws.com/js/downloadlist/	366 B 1 KB	454ms 454ms	Script application/javascript	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/js/downloadlist/t117.js Requested by Host: downloadws.com URL: http://downloadws.com/js/download.js Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash a7c0934f3f361dc783aec0d5397edec204292279d0a01bf29a4c624dc61ec4f3 Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:48 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 307 Last-Modified Mon, 12 Jun 2023 11:58:55 GMT Server cloudflare ETag "30179143259dd91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FYPI82mT78HNtVwrFsXb7NcUTMmWSDAqMENy%2FmtdsDHL9L1niKq61r%2BenG4lIqydeiRAhsmvXi%2BUZ7mGp1iZMCnumYzyNsjDnrRWk2GP34gdeiWtpA4JWsEl1ChaHDq26pyIhX%2FxgF2CgVihQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab4721ce539d3-FRA
GET H/1.1	200 OK	t126.js Show response downloadws.com/js/downloadlist/	348 B 1 KB	435ms 435ms	Script application/javascript	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/js/downloadlist/t126.js Requested by Host: downloadws.com URL: http://downloadws.com/js/download.js Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 06d0e540effbe8b83aee9e36462d07e5d5b98758064f4f03626faa94e1f7ee7b Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:48 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 356 Last-Modified Tue, 29 Aug 2023 06:23:44 GMT Server cloudflare ETag "e7a1d25c41dad91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlpcL%2BufpfD9iD1M7CnyRWsgSoPwZ7GRvSlq6kE7NLsuKonC5SpmHOf6EN8HZmqzIJTNoYNYu4POvDafHlelYcWJbz%2FzV0DepczvyHvSN8y6D7TWeLEeFls5KWa2HPER6XyZrqRKG0pUl3jt1w%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab4721da45da0-FRA
GET H/1.1	200 OK	t158.js Show response downloadws.com/js/downloadlist/	467 B 1 KB	430ms 429ms	Script application/javascript	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/js/downloadlist/t158.js Requested by Host: downloadws.com URL: http://downloadws.com/js/download.js Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash a4e47a0328770ffc240f2d82c0efa8faf78e4c631bbc613ccc178528ec19c9cb Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:48 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 268 Last-Modified Sat, 11 Feb 2023 09:59:06 GMT Server cloudflare ETag "99a1477aff3dd91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnK5nmblyN2Ca8ry%2Biwmm8%2FCXveyTK5bg0vHC3RIl0wMi6h0JdR7lEE50FM34orIEo4X7RxoGtsI91hyr3GljYPYMBTyboxcrZJk9dj%2B%2F6Ncz9LuDMPpqfOZLth5tMHHokm7yFpfnLWWip1t7A%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab4721d2303e4-FRA
GET H/1.1	200 OK	t168.js Show response downloadws.com/js/downloadlist/	506 B 1 KB	431ms 431ms	Script application/javascript	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/js/downloadlist/t168.js Requested by Host: downloadws.com URL: http://downloadws.com/js/download.js Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e621c9fefc485cf657d1099534d197a946f2e87b126fdc43d8367285a96c39a6 Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:48 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 295 Last-Modified Mon, 27 Nov 2023 03:17:27 GMT Server cloudflare ETag "fa63f43fe020da1:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrSVPsky2mlmCDdvz1jxEtvOoOdJg5zVDOvdcI964YQ0loNrZ9%2BeKpQfatqQvBAqvuJta83vFJ8MEb6EglenOd1H79s4xd4N5%2B6vORcbIt5T4IfmozGWKw8Fn%2BU8Y3MMNMS9AgVVQvHpumh%2B7A%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab4721c612bd5-FRA
GET H/1.1	200 OK	t110.js Show response downloadws.com/js/downloadlist/	2 KB 1 KB	429ms 428ms	Script application/javascript	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/js/downloadlist/t110.js Requested by Host: downloadws.com URL: http://downloadws.com/js/download.js Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 34c7178778c588eeac32b26e1daaa4621af4a3fafe88339e8c643db0ed99519a Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:48 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 394 Last-Modified Tue, 11 Apr 2023 09:00:35 GMT Server cloudflare ETag "f1d91d14546cd91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOuhCI1WGa7ZImNk1tshKk8IMX0ICi55cFT4UqQftf8HxbdJgrzRKPYPLd5OKXUkxp9%2B6rxOjFNwZz4Ta833WEDUtje%2B08fmTw6d%2FB7vwBwG3fZ929IaS09c9N0z7QZzIbtyhhv2mtUoc8AZbw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab4721c4b1e4f-FRA
GET H/1.1	200 OK	t188.js Show response downloadws.com/js/downloadlist/	1 KB 1 KB	430ms 430ms	Script application/javascript	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/js/downloadlist/t188.js Requested by Host: downloadws.com URL: http://downloadws.com/js/download.js Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e4e75594e14cc09ebd092363ada398f8b33539d4fc5ecd2fc614ef073b758541 Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:48 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 487 Last-Modified Tue, 15 Aug 2023 09:36:28 GMT Server cloudflare ETag "96e7a0f75bcfd91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onmN1eo63fNOc0qZAQWdfV%2FYsU3MVg1aqtaRnyjYSCZ24%2BqQYC7MsoUjIxWPPmlUHxhn8MS7N1JIBE%2B38415lqTJn5pWoZETW0MmAd5YXCa3G2PFZKpDbeJxOAm564opt8dp%2FEgWJEgn7QFJLA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab474cfac03e4-FRA
GET H/1.1	200 OK	t888.js Show response downloadws.com/js/downloadlist/	691 B 1 KB	436ms 436ms	Script application/javascript	2606:4700:3037::ac43:db2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://downloadws.com/js/downloadlist/t888.js Requested by Host: downloadws.com URL: http://downloadws.com/js/download.js Protocol HTTP/1.1 Server 2606:4700:3037::ac43:db2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 59d41a37db9e0757a9af8b7184519fe1d90291167435705eed303277c2eaa0a5 Request headers accept-language de-DE,de;q=0.9 Referer http://downloadws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Thu, 07 Dec 2023 06:27:48 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Powered-By ASP.NET Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 322 Last-Modified Wed, 09 Aug 2023 12:01:15 GMT Server cloudflare ETag "462ab932b9cad91:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYHXPkw09gloOzSTmb4eNXGaWYseLycXY0THBdqRNzAHc%2BWPQFwjwpqn5SZlWu0brkWCenRncSrqLRiUh30iyV2XnFCpW3F6GrMBx4C%2FTRL8QyGIBq8mXUs%2FKA3j3IxOO7HscmA5UECZge6N4Q%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 831ab474cf561e4f-FRA

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| envFlush object| Env number| __DEV__ boolean| CavalryLogger function| downloadAPk function| CountDownload function| downloadDesktop function| getInstallerPc function| getPortablePc function| downloadAll function| indexConfHelper function| configHelper object| urlConfigMap function| addDownloadConfig object| channal_1 object| channal_1A object| channal_1B object| channal_1C object| channal_1D object| domains object| channal_2 object| channal_9 object| channal_7 object| channal_8 object| channal_5 object| channal_6

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

downloadws.com
2606:4700:3037::ac43:db2b
06d0e540effbe8b83aee9e36462d07e5d5b98758064f4f03626faa94e1f7ee7b
0c6db3f25cef9d302542b41e0ed51aa8a7df470c38568a44606ee5ddfb0f9079
34c7178778c588eeac32b26e1daaa4621af4a3fafe88339e8c643db0ed99519a
369f663a707b170ebfeef702117983772857c303937fe417907f666453ca96cc
533ef6670e3d9c0e44718d0afa43f2edda11b58586e9da4e8f621145cf84d4d2
59d41a37db9e0757a9af8b7184519fe1d90291167435705eed303277c2eaa0a5
5d25fc039de768564d39bedbd355926f6612dcf06d40ade793709502ea296d8a
5e6fe7b4e4981959699752f4dc6ba27d8994ffcb94fbaa32b3f575e89c635347
6c0cd3ab0d50f2afffd5bee8b72e2aa34adce64bceedb311ccd3c7bc9c8a04da
708f4f787db19dcb4cca817e1c38fba2baf0216b092c90d59648464791d57abb
736ec0b63c70e29a0dad38ffb5a2f40c1b66062ac2e31ee4c21e43f2890b00e2
8df584b0c50b77646069e28266b7a6913c87236bf20480a5b01813534901b91f
a4e47a0328770ffc240f2d82c0efa8faf78e4c631bbc613ccc178528ec19c9cb
a7c0934f3f361dc783aec0d5397edec204292279d0a01bf29a4c624dc61ec4f3
b741095b4dd61c5dbf010564980af5877e613f65df34a31436e570a4e3e7fea6
cd899e99d525898009bc4673d29cf38ebdc2ddc6d14bd7263f2c53e322ef2ef4
e4e75594e14cc09ebd092363ada398f8b33539d4fc5ecd2fc614ef073b758541
e621c9fefc485cf657d1099534d197a946f2e87b126fdc43d8367285a96c39a6
e907e05202aafde1448bab14aa73d43f4eb96b109fe1dd8db39bafe9c6059487
e9885f72beec80104d584000fea488790bd8c910793bfb3879dc85c2fc54d98b
fc0821fb923a586e97a0581c6490cd08b1784b98f77b026fbefe93c32960684e