urlscan.io logo urlscan.io
SecurityTrails logo

needynovember.com Open in urlscan Pro
23.163.176.213  Public Scan

Go To Rescan Add Verdict Report
URL: https://needynovember.com/
Submission Tags: phishingrod
Submission: On February 27 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 23.163.176.213, located in United States and belongs to VANWATECH, US. The main domain is needynovember.com.
TLS certificate: Issued by R3 on December 1st 2022. Valid for: 3 months.
This is the only time needynovember.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23.163.176.213 398088 (VANWATECH)
12 2605:cdc0::100 398088 (VANWATECH)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
20 5
Apex Domain
Subdomains		 Transfer
12 vanwa.tech
vanwa.tech
414 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
3 KB
2 gstatic.com
fonts.gstatic.com
31 KB
1 needynovember.com
needynovember.com
628 B
20 4
Domain Requested by
12 vanwa.tech needynovember.com
vanwa.tech
4 fonts.googleapis.com vanwa.tech
2 fonts.gstatic.com fonts.googleapis.com
1 needynovember.com
20 4

This site contains no links.

Subject Issuer Validity Valid
needynovember.com
R3		 2022-12-01 -
2023-03-01		 3 months crt.sh
vanwa.tech
R3		 2023-02-27 -
2023-05-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh

This page contains 2 frames:

Frame: https://needynovember.com/
Frame ID: 81B114B078CF871854FDDF630776AD1D
Requests: 3 HTTP requests in this frame

Frame: https://vanwa.tech/browser-verification
Frame ID: B59076EC1A63E276ECCD286910A885D0
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

95 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

449 kB
Transfer

2072 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
needynovember.com/ 		954 B
628 B 		Document
General
Check archive.org
Download Go to
Full URL
https://needynovember.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.163.176.213 , United States, ASN398088 (VANWATECH, US),
Reverse DNS
Software
nginx /
Resource Hash
9089eb0c0475cc95bd84c001d64ad831ef17bd0693d77d99fe8b546e8e21679a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3-23=":443"; ma=86400
cache-control
no-cache
content-encoding
br
content-type
text/html
date
Mon, 27 Feb 2023 07:47:35 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
nginx
vary
Accept-Encoding
aes.js
vanwa.tech/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanwa.tech/aes.js
Requested by
Host: needynovember.com
URL: https://needynovember.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2605:cdc0::100 , United States, ASN398088 (VANWATECH, US),
Reverse DNS
Software
nginx /
Resource Hash
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://needynovember.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:47:35 GMT
content-encoding
br
vanwatech_cache_status
MISS
last-modified
Wed, 28 Dec 2022 17:05:08 GMT
server
nginx
etag
W/"63ac7744-79e6"
vary
Accept-Encoding
onion-location
http://vanwa.tech.nrynsvme4apu4a4vkqc2wyn7fdemrt4hcrv25gdaqsdvsqfilqz23eyd.onion/aes.js
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS,CORS
access-control-expose-headers
Content-Length
cache-control
max-age=1
access-control-allow-credentials
true
vanwatech_edge_caching
yes
access-control-allow-headers
Pragma,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Range
expires
Mon, 27 Feb 2023 07:47:36 GMT
browser-verification
vanwa.tech/ Frame B590 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vanwa.tech/browser-verification
Requested by
Host: needynovember.com
URL: https://needynovember.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2605:cdc0::100 , United States, ASN398088 (VANWATECH, US),
Reverse DNS
Software
nginx /
Resource Hash
c97bc30e5b6ef9929afd15f635132be0a8474b5b57481a2cad0d742adaca2bbd

Request headers

Referer
https://needynovember.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Pragma,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range Range
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS,CORS
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=0, no-cache
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 27 Feb 2023 07:47:35 GMT
onion-location
http://vanwa.tech.nrynsvme4apu4a4vkqc2wyn7fdemrt4hcrv25gdaqsdvsqfilqz23eyd.onion/browser-verification
server
nginx
vanwatech_cache_status
STALE
vanwatech_edge_caching
yes
vary
Accept-Encoding
x-page-speed
1.13.35.2-0
main.css
vanwa.tech/assets/css/ Frame B590 		1 MB
143 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vanwa.tech/assets/css/main.css
Requested by
Host: vanwa.tech
URL: https://vanwa.tech/browser-verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2605:cdc0::100 , United States, ASN398088 (VANWATECH, US),
Reverse DNS
Software
nginx /
Resource Hash
1008dac64431a4bdc47f63b743a9c7f969cb92f2d74874707248ff3d44b1955d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vanwa.tech/browser-verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:47:36 GMT
content-encoding
br
vanwatech_cache_status
UPDATING
last-modified
Wed, 28 Dec 2022 17:05:16 GMT
server
nginx
etag
W/"63ac774c-175738"
vary
Accept-Encoding
onion-location
http://vanwa.tech.nrynsvme4apu4a4vkqc2wyn7fdemrt4hcrv25gdaqsdvsqfilqz23eyd.onion/assets/css/main.css
content-type
text/css
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS,CORS
access-control-expose-headers
Content-Length
cache-control
max-age=1
access-control-allow-credentials
true
vanwatech_edge_caching
yes
access-control-allow-headers
Pragma,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Range
expires
Mon, 27 Feb 2023 07:47:37 GMT
loading.svg
vanwa.tech/ Frame B590 		1 KB
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vanwa.tech/loading.svg
Requested by
Host: vanwa.tech
URL: https://vanwa.tech/browser-verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2605:cdc0::100 , United States, ASN398088 (VANWATECH, US),
Reverse DNS
Software
nginx /
Resource Hash
0b7bee0ed94eab854e0ce754311d94a7ba57ec85170184a47ec3e611338f275a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vanwa.tech/browser-verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:47:36 GMT
content-encoding
br
vanwatech_cache_status
HIT
last-modified
Wed, 28 Dec 2022 17:05:11 GMT
server
nginx
etag
W/"63ac7747-53c"
vary
Accept-Encoding
onion-location
http://vanwa.tech.nrynsvme4apu4a4vkqc2wyn7fdemrt4hcrv25gdaqsdvsqfilqz23eyd.onion/loading.svg
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS,CORS
access-control-expose-headers
Content-Length
cache-control
max-age=1
access-control-allow-credentials
true
vanwatech_edge_caching
yes
access-control-allow-headers
Pragma,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Range
expires
Mon, 27 Feb 2023 07:47:37 GMT
jquery-3.5.1.min.js
vanwa.tech/assets/js/vendors/ Frame B590 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanwa.tech/assets/js/vendors/jquery-3.5.1.min.js
Requested by
Host: vanwa.tech
URL: https://vanwa.tech/browser-verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2605:cdc0::100 , United States, ASN398088 (VANWATECH, US),
Reverse DNS
Software
nginx /
Resource Hash
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vanwa.tech/browser-verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:47:36 GMT
content-encoding
br
vanwatech_cache_status
UPDATING
last-modified
Wed, 28 Dec 2022 17:05:35 GMT
server
nginx
etag
W/"63ac775f-15d83"
vary
Accept-Encoding
onion-location
http://vanwa.tech.nrynsvme4apu4a4vkqc2wyn7fdemrt4hcrv25gdaqsdvsqfilqz23eyd.onion/assets/js/vendors/jquery-3.5.1.min.js
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS,CORS
access-control-expose-headers
Content-Length
cache-control
max-age=1
access-control-allow-credentials
true
vanwatech_edge_caching
yes
access-control-allow-headers
Pragma,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Range
expires
Mon, 27 Feb 2023 07:47:37 GMT
popper.min.js+bootstrap.min.js.pagespeed.jc.exTUfJ1GqU.js
vanwa.tech/assets/js/vendors/ Frame B590 		81 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanwa.tech/assets/js/vendors/popper.min.js+bootstrap.min.js.pagespeed.jc.exTUfJ1GqU.js
Requested by
Host: vanwa.tech
URL: https://vanwa.tech/browser-verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2605:cdc0::100 , United States, ASN398088 (VANWATECH, US),
Reverse DNS
Software
nginx /
Resource Hash
c45ce31ed15b98b74338094c2500833fc6a8f11a59a73e3b1de3457fb32b5403

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vanwa.tech/browser-verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 05:23:46 GMT
content-encoding
gzip
x-original-content-length
81349
content-length
21797
x-page-speed
1.13.35.2-0
vanwatech_cache_status
UPDATING
last-modified
Mon, 27 Feb 2023 05:23:46 GMT
server
nginx
etag
W/"0"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS,CORS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=31536000
access-control-allow-credentials
true
vanwatech_edge_caching
yes
access-control-allow-headers
Pragma,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Range
expires
Tue, 27 Feb 2024 05:23:46 GMT
bootstrap-slider.min.js.pagespeed.jm.a1qCOGc7iN.js
vanwa.tech/assets/js/vendors/ Frame B590 		38 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanwa.tech/assets/js/vendors/bootstrap-slider.min.js.pagespeed.jm.a1qCOGc7iN.js
Requested by
Host: vanwa.tech
URL: https://vanwa.tech/browser-verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2605:cdc0::100 , United States, ASN398088 (VANWATECH, US),
Reverse DNS
Software
nginx /
Resource Hash
ac5c567ffbe3260b567d6d21c068989807d9f5a6745761e8e6c7f5577f4dd13b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vanwa.tech/browser-verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 06:37:28 GMT
content-encoding
gzip
x-original-content-length
38629
content-length
8798
x-page-speed
1.13.35.2-0
vanwatech_cache_status
UPDATING
last-modified
Mon, 27 Feb 2023 06:37:28 GMT
server
nginx
etag
W/"0"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS,CORS
onion-location
http://vanwa.tech.nrynsvme4apu4a4vkqc2wyn7fdemrt4hcrv25gdaqsdvsqfilqz23eyd.onion/assets/js/vendors/bootstrap-slider.min.js
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
vanwatech_edge_caching
yes
accept-ranges
bytes
access-control-allow-headers
Pragma,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Range
expires
Tue, 27 Feb 2024 06:37:28 GMT
jquery.easing.min.js+owl.carousel.min.js+countdown.min.js+jquery.waypoints.min.js+jquery.rcounterup.js+magnific-popup.min.js.pagespeed.jc.f4smp2VSCx.js
vanwa.tech/assets/js/vendors/ Frame B590 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanwa.tech/assets/js/vendors/jquery.easing.min.js+owl.carousel.min.js+countdown.min.js+jquery.waypoints.min.js+jquery.rcounterup.js+magnific-popup.min.js.pagespeed.jc.f4smp2VSCx.js
Requested by
Host: vanwa.tech
URL: https://vanwa.tech/browser-verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2605:cdc0::100 , United States, ASN398088 (VANWATECH, US),
Reverse DNS
Software
nginx /
Resource Hash
1ce1f756022b91974e5d970d1b71b3fe032633bacbae14f845c14b0096fcbb4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vanwa.tech/browser-verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 05:23:46 GMT
content-encoding
gzip
x-original-content-length
86515
content-length
23340
x-page-speed
1.13.35.2-0
last-modified
Mon, 27 Feb 2023 05:23:46 GMT
server
nginx
etag
W/"0"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS,CORS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=31536000
access-control-allow-credentials
true
vanwatech_edge_caching
yes
access-control-allow-headers
Pragma,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Range
expires
Tue, 27 Feb 2024 05:23:46 GMT
validator.min.js+hs.megamenu.js.pagespeed.jc.f8UVri9_rz.js
vanwa.tech/assets/js/vendors/ Frame B590 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanwa.tech/assets/js/vendors/validator.min.js+hs.megamenu.js.pagespeed.jc.f8UVri9_rz.js
Requested by
Host: vanwa.tech
URL: https://vanwa.tech/browser-verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2605:cdc0::100 , United States, ASN398088 (VANWATECH, US),
Reverse DNS
Software
nginx /
Resource Hash
b3413f3cb9f7a1bcad978fdcf9d2f425c705a8fcf59a5ddf3f88463b93569724

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vanwa.tech/browser-verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 05:23:46 GMT
content-encoding
gzip
x-original-content-length
28605
content-length
4727
x-page-speed
1.13.35.2-0
vanwatech_cache_status
UPDATING
last-modified
Mon, 27 Feb 2023 05:23:46 GMT
server
nginx
etag
W/"0"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS,CORS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=31536000
access-control-allow-credentials
true
vanwatech_edge_caching
yes
access-control-allow-headers
Pragma,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Range
expires
Tue, 27 Feb 2024 05:23:46 GMT
app.js.pagespeed.jm.Px1MuRBEUU.js
vanwa.tech/assets/js/ Frame B590 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanwa.tech/assets/js/app.js.pagespeed.jm.Px1MuRBEUU.js
Requested by
Host: vanwa.tech
URL: https://vanwa.tech/browser-verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2605:cdc0::100 , United States, ASN398088 (VANWATECH, US),
Reverse DNS
Software
nginx /
Resource Hash
334150a80f33a9973d6cf8eaf38cad66aa86a4bccbd5f2bb3dcf624bf0273881

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vanwa.tech/browser-verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:18:18 GMT
content-encoding
gzip
x-original-content-length
12407
content-length
2307
x-page-speed
1.13.35.2-0
vanwatech_cache_status
UPDATING
last-modified
Mon, 27 Feb 2023 07:18:18 GMT
server
nginx
etag
W/"0"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS,CORS
onion-location
http://vanwa.tech.nrynsvme4apu4a4vkqc2wyn7fdemrt4hcrv25gdaqsdvsqfilqz23eyd.onion/assets/js/app.js
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
vanwatech_edge_caching
yes
access-control-allow-headers
Pragma,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Range
expires
Tue, 27 Feb 2024 07:18:18 GMT
css
fonts.googleapis.com/ Frame B590 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: vanwa.tech
URL: https://vanwa.tech/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vanwa.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 07:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 06:45:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 07:47:36 GMT
css
fonts.googleapis.com/ Frame B590 		6 KB
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700
Requested by
Host: vanwa.tech
URL: https://vanwa.tech/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vanwa.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 07:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 06:43:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 07:47:36 GMT
css
fonts.googleapis.com/ Frame B590 		6 KB
677 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700
Requested by
Host: vanwa.tech
URL: https://vanwa.tech/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8825dc4d61a2cadba97be1943b3915899749a233d2e719ea734e2ff043a0f421
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vanwa.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 07:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 07:19:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 07:47:36 GMT
css2
fonts.googleapis.com/ Frame B590 		4 KB
582 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=swap
Requested by
Host: vanwa.tech
URL: https://vanwa.tech/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6d229fd71143f36b3de274a7457709f8e268bdd2a303f232aa005a5aa358d5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vanwa.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 07:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 07:25:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 07:47:36 GMT
fa-solid-900.woff2
vanwa.tech/assets/fonts/ Frame B590 		169 KB
169 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vanwa.tech/assets/fonts/fa-solid-900.woff2
Requested by
Host: vanwa.tech
URL: https://vanwa.tech/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2605:cdc0::100 , United States, ASN398088 (VANWATECH, US),
Reverse DNS
Software
nginx /
Resource Hash
5950d2f39fd635e5c97054053cc92e0f79c233353989f49454a03c32f897ba5a

Request headers

Referer
https://vanwa.tech/assets/css/main.css
Origin
https://vanwa.tech
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:47:36 GMT
content-length
173208
vanwatech_cache_status
UPDATING
last-modified
Wed, 28 Dec 2022 17:05:16 GMT
server
nginx
etag
"63ac774c-2a498"
onion-location
http://vanwa.tech.nrynsvme4apu4a4vkqc2wyn7fdemrt4hcrv25gdaqsdvsqfilqz23eyd.onion/assets/fonts/fa-solid-900.woff2
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS,CORS
access-control-expose-headers
Content-Length
cache-control
max-age=1
access-control-allow-credentials
true
vanwatech_edge_caching
yes
accept-ranges
bytes
access-control-allow-headers
Pragma,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Range
expires
Mon, 27 Feb 2023 07:47:37 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B590 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vanwa.tech
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:08 GMT
x-content-type-options
nosniff
age
258088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Feb 2024 08:06:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B590 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vanwa.tech
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 14:05:36 GMT
x-content-type-options
nosniff
age
322920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 14:05:36 GMT
ngx_pagespeed_beacon
vanwa.tech/ Frame B590 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vanwa.tech/ngx_pagespeed_beacon?url=https%3A%2F%2Fvanwa.tech%2Fbrowser-verification
Requested by
Host: vanwa.tech
URL: https://vanwa.tech/browser-verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2605:cdc0::100 , United States, ASN398088 (VANWATECH, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vanwa.tech/browser-verification
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Feb 2023 07:47:37 GMT
server
nginx
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS,CORS
onion-location
http://vanwa.tech.nrynsvme4apu4a4vkqc2wyn7fdemrt4hcrv25gdaqsdvsqfilqz23eyd.onion/ngx_pagespeed_beacon?url=https%3A%2F%2Fvanwa.tech%2Fbrowser-verification
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=1
access-control-allow-credentials
true
vanwatech_edge_caching
yes
access-control-allow-headers
Pragma,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Range
expires
Mon, 27 Feb 2023 07:47:38 GMT
/
needynovember.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
needynovember.com
URL
https://needynovember.com/

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| slowAES function| toNumbers function| toHex object| a object| b object| c

1 Cookies

Domain/Path Name / Value
needynovember.com/ Name: VANWATECHCDN
Value: 5233b4cf07ab8f9bd63b72080afe5d0a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
needynovember.com
vanwa.tech
needynovember.com
23.163.176.213
2605:cdc0::100
2a00:1450:4001:831::2003
2a00:1450:400d:80e::200a
0b7bee0ed94eab854e0ce754311d94a7ba57ec85170184a47ec3e611338f275a
1008dac64431a4bdc47f63b743a9c7f969cb92f2d74874707248ff3d44b1955d
1ce1f756022b91974e5d970d1b71b3fe032633bacbae14f845c14b0096fcbb4e
334150a80f33a9973d6cf8eaf38cad66aa86a4bccbd5f2bb3dcf624bf0273881
5950d2f39fd635e5c97054053cc92e0f79c233353989f49454a03c32f897ba5a
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791
8825dc4d61a2cadba97be1943b3915899749a233d2e719ea734e2ff043a0f421
9089eb0c0475cc95bd84c001d64ad831ef17bd0693d77d99fe8b546e8e21679a
ac5c567ffbe3260b567d6d21c068989807d9f5a6745761e8e6c7f5577f4dd13b
b3413f3cb9f7a1bcad978fdcf9d2f425c705a8fcf59a5ddf3f88463b93569724
c45ce31ed15b98b74338094c2500833fc6a8f11a59a73e3b1de3457fb32b5403
c6d229fd71143f36b3de274a7457709f8e268bdd2a303f232aa005a5aa358d5c
c97bc30e5b6ef9929afd15f635132be0a8474b5b57481a2cad0d742adaca2bbd
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc
dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615