cwrestorevercelapp.com Open in urlscan Pro
2606:4700:3035::ac43:9488 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cwrestorevercelapp.com/en/index.html
Submission: On February 23 via manual (February 23rd 2024, 4:19:55 am UTC) from NP — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3035::ac43:9488, located in United States and belongs to CLOUDFLARENET, US. The main domain is cwrestorevercelapp.com.
TLS certificate: Issued by GTS CA 1P5 on January 27th 2024. Valid for: 3 months.

This is the only time cwrestorevercelapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3035::ac43:9488	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:9000:20c... 2600:9000:20c3:7800:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
12	3

4 2606:4700:3035::ac43:9488 (United States)

ASN13335 (CLOUDFLARENET, US)

cwrestorevercelapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:20c3:7800:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	website-files.com assets-global.website-files.com — Cisco Umbrella Rank: 6082	63 KB
4	cwrestorevercelapp.com cwrestorevercelapp.com	66 KB
12	2

	Domain	Requested by
8	assets-global.website-files.com	cwrestorevercelapp.com
4	cwrestorevercelapp.com	cwrestorevercelapp.com
12	2

This site contains no links.

Subject Issuer	Validity	Valid
cwrestorevercelapp.com GTS CA 1P5	`2024-01-27` - `2024-04-26`	3 months	crt.sh
*.website-files.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cwrestorevercelapp.com/en/index.html
Frame ID: FAFAC69B5614C98D5906E54E91F283BA
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

restoration-app

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

131 kB
Transfer

339 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response cwrestorevercelapp.com/en/	11 KB 3 KB	371ms 296ms	Document text/html	2606:4700:3035::ac43:9488 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cwrestorevercelapp.com/en/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:9488 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0551c826b1a0d735ef5959aff0eeef23612f5c9b0506ccc186049386418cad38` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 859cac3f2ae466eb-AMS content-encoding br content-type text/html date Fri, 23 Feb 2024 04:19:50 GMT last-modified Sat, 27 Jan 2024 16:59:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8Oc02rcGLmReo43LlRMmT22O%2B3oqLWXeAY06vFsKX56xpWq5Q2tNDmbRayKrWtbFYNkQipHPb%2F8tl3dyiWQwzTu6y5%2BmllTiFfJfvfAIXcDTMsE04z1Rgijrap8tE0IQbf26sNGEHGwwzKm%2F9qaYSLQRzqZ"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	restoration-app.webflow.b2c8a7539.css cwrestorevercelapp.com/assets-global.website-files.com/654efcdd5b5fc501c7c2a1e0/css/	49 KB 11 KB	38ms 37ms	Stylesheet text/css	2606:4700:3035::ac43:9488 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cwrestorevercelapp.com/assets-global.website-files.com/654efcdd5b5fc501c7c2a1e0/css/restoration-app.webflow.b2c8a7539.css Requested by Host: cwrestorevercelapp.com URL: https://cwrestorevercelapp.com/en/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:9488 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ca2dc82cc560d4cc1ed14b7b8c3b6e2ccb7e61159e6cb9973b3beba89e98b4de` Request headers accept-language de-DE,de;q=0.9 Referer https://cwrestorevercelapp.com/en/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Fri, 23 Feb 2024 04:19:50 GMT content-encoding br cf-cache-status HIT last-modified Sat, 11 Nov 2023 12:11:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4739 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TuSXYjT4HQcZ%2FpXxSLDnT3R7nc0KV%2B3xX5EgmZUAL5OYtR8iWs5Q0ez06dQuJDlhbluJPhL7NyTf5QnAzaBAqjn2z%2FQuvY7IBvRLVTIqeLr2lD%2Bc4kSq6H%2Bz2IGdOD7T4l2O1HghDG6lyG%2BYeqCPNbqXjGd%2B"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 859cac417d8266eb-AMS alt-svc h3=":443"; ma=86400
GET H2	200	jquery-3.5.1.min.dc5e7f18c89562.js Show response cwrestorevercelapp.com/d3e54v103j8qbb.cloudfront.net/js/	87 KB 32 KB	497ms 497ms	Script application/javascript	2606:4700:3035::ac43:9488 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cwrestorevercelapp.com/d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c89562.js?site=654efcdd5b5fc501c7c2a1e0 Requested by Host: cwrestorevercelapp.com URL: https://cwrestorevercelapp.com/en/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:9488 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d` Request headers Referer https://cwrestorevercelapp.com/en/index.html Origin https://cwrestorevercelapp.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Fri, 23 Feb 2024 04:19:51 GMT content-encoding br cf-cache-status MISS last-modified Mon, 20 Jul 2020 23:53:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0j%2BrPZgjqM2k2VdV0euGQZwOjmuboM63WjHXbcd7sfahE4DDMquM5SmSXINRllzZooOVxAJ8UNUKnZ88ZMR%2F7AC%2BbWI1JUjNPE0iikteEkpu5y58OutsFAdZWoK88OYORBnRyCT5%2F8nlihSgI8HhM87tdaXD"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 859cac417d8466eb-AMS alt-svc h3=":443"; ma=86400
GET H2	200	webflow.1f39e2049.js Show response cwrestorevercelapp.com/assets-global.website-files.com/654efcdd5b5fc501c7c2a1e0/js/	57 KB 21 KB	265ms 264ms	Script application/javascript	2606:4700:3035::ac43:9488 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cwrestorevercelapp.com/assets-global.website-files.com/654efcdd5b5fc501c7c2a1e0/js/webflow.1f39e2049.js Requested by Host: cwrestorevercelapp.com URL: https://cwrestorevercelapp.com/en/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:9488 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b21fa3032cf5169dcd3aecd7cdb99e2def924e108effa6faf8491ab732534d32` Request headers accept-language de-DE,de;q=0.9 Referer https://cwrestorevercelapp.com/en/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Fri, 23 Feb 2024 04:19:50 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sat, 11 Nov 2023 12:11:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3u1MMWonjsSzCe0m5PO9tcnr23bQeR4%2BhQ07EkXawuoDsu55QQq2gITXc0nSH2rzu95b3tuVn0DiaxpiA4xLB4sT6o06LTjFFHmzT%2F1Ua1H6yeuAV2UTeDKntNoNiqhha4AC5LFbMIRZzQ81%2FdIQ716TVj9"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 859cac417d8566eb-AMS alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	2 KB 2 KB		Font application/x-font-ttf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4` Request headers Referer Origin https://cwrestorevercelapp.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers Content-Type application/x-font-ttf;charset=utf-8
GET H2	200	654efdac319b17ac594afdec_logo.svg assets-global.website-files.com/654efcdd5b5fc501c7c2a1e0/	12 KB 4 KB	140ms 42ms	Image image/svg+xml	2600:9000:20c3:7800:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/654efcdd5b5fc501c7c2a1e0/654efdac319b17ac594afdec_logo.svg Requested by Host: cwrestorevercelapp.com URL: https://cwrestorevercelapp.com/en/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c3:7800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b` Request headers accept-language de-DE,de;q=0.9 Referer https://cwrestorevercelapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Sun, 18 Feb 2024 22:15:14 GMT x-amz-version-id ss.aA7RdZU7Ol3b6vuFRJ.iBWnX55qL_ content-encoding br via 1.1 ac90d46be219b2aa8a23e6982405715c.cloudfront.net (CloudFront) age 367477 x-amz-cf-pop MUC50-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Sat, 11 Nov 2023 04:06:23 GMT server AmazonS3 etag W/"51bcea2625eb2c6e9268a7377a792c86" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-id 3aTwOQLmEpeMQuuc6oVayPewRoERETIUfUIqoZLU0XLrVXPLGt3MBg==
GET H2	200	654efe103557b10a70891ce6_home-hero-p-800.webp assets-global.website-files.com/654efcdd5b5fc501c7c2a1e0/	19 KB 20 KB	138ms 39ms	Image image/webp	2600:9000:20c3:7800:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/654efcdd5b5fc501c7c2a1e0/654efe103557b10a70891ce6_home-hero-p-800.webp Requested by Host: cwrestorevercelapp.com URL: https://cwrestorevercelapp.com/en/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c3:7800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `4549a9bffa68a0d396b185fe2a24452027b61ac3a1a519f5559d9a93784d0a73` Request headers accept-language de-DE,de;q=0.9 Referer https://cwrestorevercelapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Sun, 18 Feb 2024 23:11:45 GMT x-amz-version-id pprthMpJU1zyhyY1O_FSR7__._KuUNHy via 1.1 ac90d46be219b2aa8a23e6982405715c.cloudfront.net (CloudFront) age 364086 x-amz-cf-pop MUC50-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 19564 last-modified Sat, 11 Nov 2023 04:07:48 GMT server AmazonS3 etag "815d5aca71cceb4c7b20aed8781a89b1" content-type image/webp access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id vrFVXp1912rVRlMFmuLdA1cWuDkFjMSLUIj8qGcDbarV11i5a5aa1Q==
GET H2	200	654eff1d5b5fc501c7c4679c_wallet-illo.svg assets-global.website-files.com/654efcdd5b5fc501c7c2a1e0/	36 KB 12 KB	154ms 55ms	Image image/svg+xml	2600:9000:20c3:7800:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/654efcdd5b5fc501c7c2a1e0/654eff1d5b5fc501c7c4679c_wallet-illo.svg Requested by Host: cwrestorevercelapp.com URL: https://cwrestorevercelapp.com/en/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c3:7800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `596228062de19a21cfda4d3129b3a5d397c5a71509e096b8f67fb8c4f22aa56d` Request headers accept-language de-DE,de;q=0.9 Referer https://cwrestorevercelapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Sun, 18 Feb 2024 22:15:14 GMT x-amz-version-id o0mldJ2IfE_y1cSzJpd1O_bgGePgc3GF content-encoding br via 1.1 ac90d46be219b2aa8a23e6982405715c.cloudfront.net (CloudFront) age 367477 x-amz-cf-pop MUC50-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Sat, 11 Nov 2023 04:12:15 GMT server AmazonS3 etag W/"63ad7f01f67accd6aafb47999640abe5" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-id L6BiypRmUSuM0hil1eqa8h4yPC8CE-bwwcraizvfw0w4ixS-aK3l5A==
GET H2	200	654eff4d40eee6f7b6469244_Explore-illo.svg assets-global.website-files.com/654efcdd5b5fc501c7c2a1e0/	36 KB 13 KB	162ms 63ms	Image image/svg+xml	2600:9000:20c3:7800:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/654efcdd5b5fc501c7c2a1e0/654eff4d40eee6f7b6469244_Explore-illo.svg Requested by Host: cwrestorevercelapp.com URL: https://cwrestorevercelapp.com/en/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c3:7800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `8ba2b37fd4f2f3c19c10109bc6111d3d71692c78f9351f1eb2a8cab5231b77b5` Request headers accept-language de-DE,de;q=0.9 Referer https://cwrestorevercelapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Sun, 18 Feb 2024 22:15:14 GMT x-amz-version-id 9HxY6F7kTC88pyGRWQ7GGVJN6OeWiB4h content-encoding br via 1.1 ac90d46be219b2aa8a23e6982405715c.cloudfront.net (CloudFront) age 367477 x-amz-cf-pop MUC50-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Sat, 11 Nov 2023 04:13:03 GMT server AmazonS3 etag W/"46fb450c5ecf6da758bca0975551f056" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-id pswD4lN1FvdygbMGHNqDwilllb0nO2U5pS7Nr4wsuAeUSgQMOpUrPQ==
GET H2	200	654eff95746087a008175a5c_Browse-illo.svg assets-global.website-files.com/654efcdd5b5fc501c7c2a1e0/	28 KB 11 KB	165ms 67ms	Image image/svg+xml	2600:9000:20c3:7800:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/654efcdd5b5fc501c7c2a1e0/654eff95746087a008175a5c_Browse-illo.svg Requested by Host: cwrestorevercelapp.com URL: https://cwrestorevercelapp.com/en/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c3:7800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `517c0c6b44ede59070fb138aab7e875b9c230a227295f9612c32dabb9b0bdb13` Request headers accept-language de-DE,de;q=0.9 Referer https://cwrestorevercelapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Sun, 18 Feb 2024 22:15:14 GMT x-amz-version-id oF.ZUhuZDG0AbtnCFSy85bwfxNZBXsFo content-encoding br via 1.1 ac90d46be219b2aa8a23e6982405715c.cloudfront.net (CloudFront) age 367477 x-amz-cf-pop MUC50-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Sat, 11 Nov 2023 04:14:16 GMT server AmazonS3 etag W/"afeafb6a9f14bd7771c63015be5a05c9" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-id hniV3PxjxQkjxSrujK2huCtmXYY1FR6XrRb6KGtnjV7W8FPhrO4ZAw==
GET H2	200	62434fa732124ac15112aad5_twitter%20small.svg assets-global.website-files.com/62434fa732124a0fb112aab4/	1 KB 1 KB	128ms 30ms	Image image/svg+xml	2600:9000:20c3:7800:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/62434fa732124a0fb112aab4/62434fa732124ac15112aad5_twitter%20small.svg Requested by Host: cwrestorevercelapp.com URL: https://cwrestorevercelapp.com/en/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c3:7800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `d413b318eda91eb136562e4be61e2cc2e1ea6df2264dae7378efd61ad451a500` Request headers accept-language de-DE,de;q=0.9 Referer https://cwrestorevercelapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Sat, 30 Sep 2023 22:56:56 GMT x-amz-version-id eaWhgDAlxBfk_jPlqr5tFntzM.Eu4UbJ content-encoding gzip via 1.1 ac90d46be219b2aa8a23e6982405715c.cloudfront.net (CloudFront) age 12547375 x-amz-cf-pop MUC50-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 29 Mar 2022 18:27:52 GMT server AmazonS3 etag W/"a47b1cbfdc6fa1669961bc8723544a9e" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-id Niajo0mjnKPb68aZPP6cinIsKsp2J7i0Sw_Lz2Ru8fbqpANnYe3zMg==
GET H2	200	62434fa732124a389912aad8_linkedin%20small.svg assets-global.website-files.com/62434fa732124a0fb112aab4/	694 B 1 KB	37ms 37ms	Image image/svg+xml	2600:9000:20c3:7800:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/62434fa732124a0fb112aab4/62434fa732124a389912aad8_linkedin%20small.svg Requested by Host: cwrestorevercelapp.com URL: https://cwrestorevercelapp.com/en/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c3:7800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `efa11ee61a1ab3ed76779ad1cd7fe00433e2028f50d1ed6539811a0da46eec18` Request headers accept-language de-DE,de;q=0.9 Referer https://cwrestorevercelapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Sat, 27 Jan 2024 01:41:13 GMT x-amz-version-id dA0VjGbzQNVBpm8EOhBGZScjIg2vrtop via 1.1 ac90d46be219b2aa8a23e6982405715c.cloudfront.net (CloudFront) age 2342318 x-amz-cf-pop MUC50-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 694 last-modified Tue, 29 Mar 2022 18:27:52 GMT server AmazonS3 etag "c6c1faf3489d1c28ee09b4c62ce2af80" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id ggMGCdn7l_PdA6qKtugCZZkBwZYy55YJNfwbhSfy7UGK-DAAQ0b2MQ==
GET H2	200	62434fa732124a51bf12aae9_facebook%20small.svg assets-global.website-files.com/62434fa732124a0fb112aab4/	396 B 853 B	38ms 38ms	Image image/svg+xml	2600:9000:20c3:7800:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/62434fa732124a0fb112aab4/62434fa732124a51bf12aae9_facebook%20small.svg Requested by Host: cwrestorevercelapp.com URL: https://cwrestorevercelapp.com/en/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c3:7800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `4cfc7274b33814a9a5dfcbe4446e27eb149b7679abc52b33fd505b612bd3bb1b` Request headers accept-language de-DE,de;q=0.9 Referer https://cwrestorevercelapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36 Response headers date Sat, 27 Jan 2024 05:15:15 GMT x-amz-version-id iD9JJ_PwTI1.3j8VPJC2mL03M.WJCbu. via 1.1 ac90d46be219b2aa8a23e6982405715c.cloudfront.net (CloudFront) age 2329476 x-amz-cf-pop MUC50-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 396 last-modified Tue, 29 Mar 2022 18:27:52 GMT server AmazonS3 etag "1ee0cafd16821aa712f6d3ba1d6b08dc" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id hp2mSEGEsXcEjfCmeZqC0gBsjAuC3tVu79r9IK4yb7BRtBQwxOJTkA==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| tram object| Webflow

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-global.website-files.com
cwrestorevercelapp.com
2600:9000:20c3:7800:12:9e5f:cac0:93a1
2606:4700:3035::ac43:9488
0551c826b1a0d735ef5959aff0eeef23612f5c9b0506ccc186049386418cad38
4549a9bffa68a0d396b185fe2a24452027b61ac3a1a519f5559d9a93784d0a73
4cfc7274b33814a9a5dfcbe4446e27eb149b7679abc52b33fd505b612bd3bb1b
517c0c6b44ede59070fb138aab7e875b9c230a227295f9612c32dabb9b0bdb13
596228062de19a21cfda4d3129b3a5d397c5a71509e096b8f67fb8c4f22aa56d
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
8ba2b37fd4f2f3c19c10109bc6111d3d71692c78f9351f1eb2a8cab5231b77b5
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4
b21fa3032cf5169dcd3aecd7cdb99e2def924e108effa6faf8491ab732534d32
ca2dc82cc560d4cc1ed14b7b8c3b6e2ccb7e61159e6cb9973b3beba89e98b4de
d413b318eda91eb136562e4be61e2cc2e1ea6df2264dae7378efd61ad451a500
efa11ee61a1ab3ed76779ad1cd7fe00433e2028f50d1ed6539811a0da46eec18
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

cwrestorevercelapp.com Open in urlscan Pro 2606:4700:3035::ac43:9488 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

131 kBTransfer

339 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

Indicators

cwrestorevercelapp.com Open in urlscan Pro
2606:4700:3035::ac43:9488 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

131 kB
Transfer

339 kB
Size

0
Cookies

12 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!