malware.dontneedcoffee.com Open in urlscan Pro
2606:4700:30::6818:6e0d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://malware.dontneedcoffee.com/
Effective URL:
https://malware.dontneedcoffee.com/blog/
Submission: On December 11 via manual (December 11th 2019, 3:36:40 pm UTC) from US

Summary HTTP 23 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 2606:4700:30::6818:6e0d, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is malware.dontneedcoffee.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on October 19th 2019. Valid for: 6 months.

This is the only time malware.dontneedcoffee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	2606:4700:30:... 2606:4700:30::6818:6e0d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
23	4

18 2606:4700:30::6818:6e0d (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

malware.dontneedcoffee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	dontneedcoffee.com 1 redirects malware.dontneedcoffee.com	308 KB
4	gstatic.com fonts.gstatic.com	56 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	7 KB
23	3

	Domain	Requested by
18	malware.dontneedcoffee.com	1 redirects malware.dontneedcoffee.com
4	fonts.gstatic.com	malware.dontneedcoffee.com
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	malware.dontneedcoffee.com
23	4

This site contains links to these domains. Also see Links.

Domain
www.misp-project.org
cuckoosandbox.org
github.com
twitter.com

Subject Issuer	Validity	Valid
sni181508.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-19` - `2020-04-26`	6 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://malware.dontneedcoffee.com/blog/
Frame ID: ABEF9A4709BE0E4C7D63E1834D665D73
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://malware.dontneedcoffee.com/ HTTP 301
https://malware.dontneedcoffee.com/ Page URL
https://malware.dontneedcoffee.com/blog/ Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
script /googleapis\.com\/.+webfont/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Page Statistics

23
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

371 kB
Transfer

618 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.misp-project.org/
Title: MISP

Search URL Search Domain Scan URL

URL: https://cuckoosandbox.org/
Title: Cuckoo

Search URL Search Domain Scan URL

URL: https://github.com/Kafeine

Search URL Search Domain Scan URL

URL: https://twitter.com/Kafeine

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://malware.dontneedcoffee.com/ HTTP 301
https://malware.dontneedcoffee.com/ Page URL
https://malware.dontneedcoffee.com/blog/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://malware.dontneedcoffee.com/ HTTP 301
https://malware.dontneedcoffee.com/

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
malware.dontneedcoffee.com/
Redirect Chain

http://malware.dontneedcoffee.com/
https://malware.dontneedcoffee.com/

371 B
767 B

342ms
293ms

Document
text/html

2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.dontneedcoffee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: malware.dontneedcoffee.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 11 Dec 2019 15:36:20 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dcfbee62ba6226413a462a3d281b369761576078579; expires=Fri, 10-Jan-20 15:36:19 GMT; path=/; domain=.dontneedcoffee.com; HttpOnly; Secure
last-modified: Sun, 08 Dec 2019 18:09:49 GMT
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:28 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: EFB6:3182:780D50:9AE46A:5DF107D4
via: 1.1 varnish
age: 0
x-served-by: cache-cph20630-CPH
x-cache: MISS
x-cache-hits: 0
x-timer: S1576078580.890747,VS0,VE100
vary: Accept-Encoding
x-fastly-request-id: 77705dfcd6f0dc841a37b5657b4c71c7e952a9d3
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5438889359755a0c-VIE
content-encoding: br

Redirect headers

Date: Wed, 11 Dec 2019 15:36:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 11 Dec 2019 16:36:19 GMT
Location: https://malware.dontneedcoffee.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 54388892ea40599a-VIE

GET
H2 200 Primary Request / Show response
malware.dontneedcoffee.com/blog/ 22 KB
4 KB 186ms
186ms Document
text/html 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.dontneedcoffee.com/blog/
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcbd98e678f8b6a9562aad9f1b700ddef852ea9b4fa66cab85d025fdc5c82a1b

Request headers

:method: GET
:authority: malware.dontneedcoffee.com
:scheme: https
:path: /blog/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://malware.dontneedcoffee.com/
accept-encoding: gzip, deflate, br
cookie: __cfduid=dcfbee62ba6226413a462a3d281b369761576078579
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://malware.dontneedcoffee.com/

Response headers

status: 200
date: Wed, 11 Dec 2019 15:36:20 GMT
content-type: text/html; charset=utf-8
last-modified: Sun, 08 Dec 2019 18:09:48 GMT
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:29 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 099A:7A84:714A48:92A004:5DF107D4
via: 1.1 varnish
age: 0
x-served-by: cache-cph20630-CPH
x-cache: MISS
x-cache-hits: 0
x-timer: S1576078580.134715,VS0,VE118
vary: Accept-Encoding
x-fastly-request-id: d9362260d5e2d1284822bbbf3a96cc11657bfe63
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 543888959aa35a0c-VIE
content-encoding: br

GET
H2 200 styles_feeling_responsive.css
malware.dontneedcoffee.com/assets/css/ 136 KB
18 KB 183ms
182ms Stylesheet
text/css 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.dontneedcoffee.com/assets/css/styles_feeling_responsive.css
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdd1d293435a55d9fb39be75b21e0656130d5618f4bd63c7227e3de1f08ffdbd

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: ee5dafc6e09bbd2a4d167993ff7e64006711539c
date: Wed, 11 Dec 2019 15:36:20 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
content-encoding: br
x-served-by: cache-cph20631-CPH
last-modified: Sun, 08 Dec 2019 18:09:48 GMT
server: cloudflare
x-github-request-id: 8D66:32DD:E99200:12CE206:5DF107D5
x-timer: S1576078580.314739,VS0,VE98
etag: W/"5ded3c6c-220ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:29 GMT
cache-control: max-age=14400
cf-ray: 54388896cb695a0c-VIE
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 modernizr.min.js Show response
malware.dontneedcoffee.com/assets/js/ 11 KB
4 KB 176ms
175ms Script
application/javascript 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.dontneedcoffee.com/assets/js/modernizr.min.js
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 5a4bbcf6457effc792cffc38855edc9bbba79115
date: Wed, 11 Dec 2019 15:36:20 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
content-encoding: br
x-served-by: cache-cph20646-CPH
last-modified: Sun, 08 Dec 2019 18:09:48 GMT
server: cloudflare
x-github-request-id: 8EF6:4CA4:16220A:1E5BE5:5DF107D5
x-timer: S1576078580.336489,VS0,VE98
etag: W/"5ded3c6c-2b4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:29 GMT
cache-control: max-age=14400
cf-ray: 54388896cb6b5a0c-VIE
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.5.18/ 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Requested by

Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 11:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1742763
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6490
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Nov 2020 11:30:17 GMT

GET
H2 200 logo.png
malware.dontneedcoffee.com/assets/img/ 29 KB
29 KB 170ms
170ms Image
image/png 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/assets/img/logo.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02cc3eb3252a538cdf95efcb9f2481f2d4732b60307f30b2bdd52992185e347c

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 57598ef3544932b8c61fbd3e918ee2804f7d2255
date: Wed, 11 Dec 2019 15:36:20 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
content-length: 29737
x-served-by: cache-cph20640-CPH
last-modified: Sun, 08 Dec 2019 18:09:48 GMT
server: cloudflare
x-github-request-id: 272C:4CA7:38E998:4AD4A9:5DF107D4
x-timer: S1576078580.308863,VS0,VE97
etag: "5ded3c6c-7429"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:29 GMT
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54388896cb6d5a0c-VIE
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 CVE-2018-15982.png
malware.dontneedcoffee.com/images/blog/CVE-2018-15982/ 6 KB
6 KB 182ms
181ms Image
image/png 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/CVE-2018-15982/CVE-2018-15982.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0223ac074a955842eefd96a49a4f288233c622237fa14f9baeed98a93677af55

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 1f89a07d08328b83979d83e12c12833c1b5f33dc
date: Wed, 11 Dec 2019 15:36:20 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
content-length: 6044
x-served-by: cache-cph20624-CPH
last-modified: Sun, 08 Dec 2019 18:09:48 GMT
server: cloudflare
x-github-request-id: ECF8:7ED2:B9DE15:EE5E3B:5DF107D4
x-timer: S1576078580.339854,VS0,VE100
etag: "5ded3c6c-179c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:29 GMT
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54388896cb6e5a0c-VIE
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 CVE-2018-8174.png
malware.dontneedcoffee.com/images/blog/CVE-2018-8174/ 20 KB
21 KB 197ms
196ms Image
image/png 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/CVE-2018-8174/CVE-2018-8174.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccfa5a77519697ebf931b3b707e71a6ee591136f845e233866e46a89391f7c09

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: b4141dfa1cde79ce89a73ee3f591fecf3903b44d
date: Wed, 11 Dec 2019 15:36:20 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
content-length: 20967
x-served-by: cache-cph20639-CPH
last-modified: Sun, 08 Dec 2019 18:09:49 GMT
server: cloudflare
x-github-request-id: 5D60:3182:780D5B:9AE46B:5DF107D4
x-timer: S1576078581.523319,VS0,VE96
etag: "5ded3c6d-51e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:29 GMT
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54388897fc475a0c-VIE
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 CVE-2018-4878.png
malware.dontneedcoffee.com/images/blog/CVE-2018-4878/ 19 KB
19 KB 194ms
193ms Image
image/png 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/CVE-2018-4878/CVE-2018-4878.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8637f0029edc817eb6d899b0953e8348131b083604dcbf95662f6b2543654705

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: fba8297bff573f540983e28b6d7c256921635421
date: Wed, 11 Dec 2019 15:36:20 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
content-length: 19704
x-served-by: cache-cph20643-CPH
last-modified: Sun, 08 Dec 2019 18:09:49 GMT
server: cloudflare
x-github-request-id: 0AD6:7A84:714A50:929FFF:5DF107D4
x-timer: S1576078581.542904,VS0,VE94
etag: "5ded3c6d-4cf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:30 GMT
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 543888981c625a0c-VIE
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 TSS-IE.png
malware.dontneedcoffee.com/images/blog/hosted/kotd/ 44 KB
44 KB 220ms
219ms Image
image/png 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/hosted/kotd/TSS-IE.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 707882431fd8e45715c21a6c9ab57b95f10dd8b978cb7eb6f3988c29a6bfbe37

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: bab9b94cfdf497b611ce57bdf03f69f5b7f5496f
date: Wed, 11 Dec 2019 15:36:20 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
content-length: 44801
x-served-by: cache-cph20648-CPH
last-modified: Sun, 08 Dec 2019 18:09:49 GMT
server: cloudflare
x-github-request-id: 536A:071E:2135A1:2CB133:5DF107D5
x-timer: S1576078581.543231,VS0,VE99
etag: "5ded3c6d-af01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:30 GMT
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 543888981c645a0c-VIE
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 Logo.svg.png
malware.dontneedcoffee.com/images/blog/Coala/ 20 KB
20 KB 191ms
190ms Image
image/png 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/Coala/Logo.svg.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf9eb43541c810e0fffdcbfc0f09f9cfe13c4cdb4191ae1ca54c0751860f4f80

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 42ae028b0c940003ad6f029ed23b19eef38f779b
date: Wed, 11 Dec 2019 15:36:20 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
content-length: 19985
x-served-by: cache-cph20647-CPH
last-modified: Sun, 08 Dec 2019 18:09:49 GMT
server: cloudflare
x-github-request-id: 35B4:0EBC:F1EEDD:13687FA:5DF107D5
x-timer: S1576078581.547424,VS0,VE90
etag: "5ded3c6d-4e11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:30 GMT
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 543888981c655a0c-VIE
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 Nebula_logo.png
malware.dontneedcoffee.com/images/blog/Nebula/ 1 KB
1 KB 175ms
174ms Image
image/png 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/Nebula/Nebula_logo.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6843832da092ac80f4a32e2ffc05a15be05f2899e373f439b97a718bbf142dee

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 7f908911aa7db36e7a0d443113bb1fe7aeba9051
date: Wed, 11 Dec 2019 15:36:20 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
content-length: 1241
x-served-by: cache-cph20642-CPH
last-modified: Sun, 08 Dec 2019 18:09:49 GMT
server: cloudflare
x-github-request-id: EA08:0EB8:3B6B5D:4DDB9C:5DF107D4
x-timer: S1576078581.547939,VS0,VE94
etag: "5ded3c6d-4d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:30 GMT
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 543888981c675a0c-VIE
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 CVE-2016-7200-7201.png
malware.dontneedcoffee.com/images/blog/CVE-2016-7200-7201/ 28 KB
28 KB 320ms
320ms Image
image/png 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/CVE-2016-7200-7201/CVE-2016-7200-7201.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a39c44baa8108d1e168d634cd32567c9dde7fd5ee2b1bbf2e1baa513c9c868c

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 0658cb9895125d66786733651b7490a2da80eb7e
date: Wed, 11 Dec 2019 15:36:20 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
content-length: 28347
x-served-by: cache-cph20625-CPH
last-modified: Sun, 08 Dec 2019 18:09:48 GMT
server: cloudflare
x-github-request-id: 9914:4DA0:7823C0:9B7095:5DF107D5
x-timer: S1576078581.667269,VS0,VE97
etag: "5ded3c6c-6ebb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:30 GMT
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 543888982c685a0c-VIE
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 goodbye.jpg
malware.dontneedcoffee.com/images/blog/Neutrino-waves/ 4 KB
5 KB 146ms
145ms Image
image/jpeg 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/Neutrino-waves/goodbye.jpg
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f7e34bac5d2b6422bc52fe5f9a0c1faf8f2de1ab7f9d7201fcf9873a845c905

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 4c8215d4da28cb82fc156bf989bc8ec73d7331fd
date: Wed, 11 Dec 2019 15:36:20 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
content-length: 4412
x-served-by: cache-cph20639-CPH
last-modified: Sun, 08 Dec 2019 18:09:49 GMT
server: cloudflare
x-github-request-id: 21BE:7A84:714A52:929FD9:5DF107D1
x-timer: S1576078581.518375,VS0,VE97
etag: "5ded3c6d-113c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:30 GMT
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 543888982c695a0c-VIE
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ponyfork.png
malware.dontneedcoffee.com/images/blog/Fox-Stealer/ 36 KB
37 KB 187ms
187ms Image
image/png 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/Fox-Stealer/ponyfork.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 161fc62e19a9fc3c74f06dc6b81bf1c6c1b359df98b8e1b065b3dc928905a811

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 114ab06c79b57295a47b792287f05fdacf8fce26
date: Wed, 11 Dec 2019 15:36:20 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
content-length: 37334
x-served-by: cache-cph20645-CPH
last-modified: Sun, 08 Dec 2019 18:09:49 GMT
server: cloudflare
x-github-request-id: 09A6:5DF1:F563B9:13AC109:5DF107D5
x-timer: S1576078581.547097,VS0,VE91
etag: "5ded3c6d-91d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:30 GMT
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 543888982c6a5a0c-VIE
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 CVE-2016-0189.png
malware.dontneedcoffee.com/images/blog/CVE-2016-0189/ 17 KB
18 KB 205ms
204ms Image
image/png 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/CVE-2016-0189/CVE-2016-0189.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1df4e6ea4e9e44861b1f1a2d2f51728a68f71aaa8cd0001414c0f0965369410

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 445f5e87d6fa34e6d80d41d053fb877b05ecf459
date: Wed, 11 Dec 2019 15:36:20 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
content-length: 17761
x-served-by: cache-cph20639-CPH
last-modified: Sun, 08 Dec 2019 18:09:48 GMT
server: cloudflare
x-github-request-id: F17C:54C9:7CF40C:A0BD63:5DF107D5
x-timer: S1576078581.549470,VS0,VE97
etag: "5ded3c6c-4561"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:30 GMT
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 543888982c6b5a0c-VIE
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 javascript.min.js Show response
malware.dontneedcoffee.com/assets/js/ 139 KB
43 KB 234ms
234ms Script
application/javascript 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.dontneedcoffee.com/assets/js/javascript.min.js
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66dcce30a04c85fcf10d511f783fd1bd72a15b9097c6f3d48a35fd1196cb805e

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: c100f128b2b3fa893d6faa3e9a82709e0164fcb9
date: Wed, 11 Dec 2019 15:36:20 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
content-encoding: br
x-served-by: cache-cph20636-CPH
last-modified: Sun, 08 Dec 2019 18:09:48 GMT
server: cloudflare
x-github-request-id: 09A6:5DF1:F563B7:13AC0FA:5DF107D5
x-timer: S1576078581.512621,VS0,VE98
etag: W/"5ded3c6c-22dbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:29 GMT
cache-control: max-age=14400
cf-ray: 54388897ec2e5a0c-VIE
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 css
fonts.googleapis.com/ 3 KB
588 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CVolkhov&subset=latin,latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

d384094a105ec2c8378afb3b6193dd1712d139fac820287d6029d8c57e1ba06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 11 Dec 2019 15:36:20 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 11 Dec 2019 15:36:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Wed, 11 Dec 2019 15:36:20 GMT

GET
H2 200 iconfont.woff
malware.dontneedcoffee.com/assets/fonts/ 10 KB
10 KB 142ms
141ms Font
font/woff 2606:4700:30::6818:6e0d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.dontneedcoffee.com/assets/fonts/iconfont.woff
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6e0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61405347983337437e990852beb51bc4f7bc28385fdd23fd2687c81d5867d063

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://malware.dontneedcoffee.com/assets/css/styles_feeling_responsive.css
Origin: https://malware.dontneedcoffee.com

Response headers

x-fastly-request-id: c22874c01d17ffe4501eec76f357ce575d50418e
date: Wed, 11 Dec 2019 15:36:20 GMT
via: 1.1 varnish
cf-cache-status: MISS
x-cache: MISS
status: 200
content-length: 10092
x-served-by: cache-cph20626-CPH
last-modified: Sun, 08 Dec 2019 18:09:48 GMT
server: cloudflare
x-github-request-id: 21EA:4694:4BF3C5:636E7D:5DF107D5
x-timer: S1576078581.524261,VS0,VE97
etag: "5ded3c6c-276c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 15:24:30 GMT
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 543888982c765a0c-VIE
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CVolkhov&subset=latin,latin
Origin: https://malware.dontneedcoffee.com

Response headers

date: Thu, 21 Nov 2019 15:18:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 1729089
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Fri, 20 Nov 2020 15:18:11 GMT

GET
H2 200 SlGQmQieoJcKemNecTUEhV5wYDw.woff2
fonts.gstatic.com/s/volkhov/v11/ 14 KB
14 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/volkhov/v11/SlGQmQieoJcKemNecTUEhV5wYDw.woff2

Requested by

Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7984ed8e0f51de45627b30d67f0df09def637b43af9030d7305e575426348f86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CVolkhov&subset=latin,latin
Origin: https://malware.dontneedcoffee.com

Response headers

date: Thu, 21 Nov 2019 06:50:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:48:31 GMT
server: sffe
age: 1759547
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14324
x-xss-protection: 0
expires: Fri, 20 Nov 2020 06:50:33 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CVolkhov&subset=latin,latin
Origin: https://malware.dontneedcoffee.com

Response headers

date: Tue, 10 Dec 2019 06:24:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 119527
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14176
x-xss-protection: 0
expires: Wed, 09 Dec 2020 06:24:13 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v16/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2

Requested by

Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CVolkhov&subset=latin,latin
Origin: https://malware.dontneedcoffee.com

Response headers

date: Tue, 19 Nov 2019 00:57:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:51 GMT
server: sffe
age: 1953538
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14864
x-xss-protection: 0
expires: Wed, 18 Nov 2020 00:57:22 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dontneedcoffee.com/	1970-01-19 06:31:10	Name: __cfduid Value: dcfbee62ba6226413a462a3d281b369761576078579

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
malware.dontneedcoffee.com
2606:4700:30::6818:6e0d
2a00:1450:4001:814::200a
2a00:1450:4001:821::2003
2a00:1450:4001:824::200a
0223ac074a955842eefd96a49a4f288233c622237fa14f9baeed98a93677af55
02cc3eb3252a538cdf95efcb9f2481f2d4732b60307f30b2bdd52992185e347c
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
161fc62e19a9fc3c74f06dc6b81bf1c6c1b359df98b8e1b065b3dc928905a811
61405347983337437e990852beb51bc4f7bc28385fdd23fd2687c81d5867d063
66dcce30a04c85fcf10d511f783fd1bd72a15b9097c6f3d48a35fd1196cb805e
6843832da092ac80f4a32e2ffc05a15be05f2899e373f439b97a718bbf142dee
707882431fd8e45715c21a6c9ab57b95f10dd8b978cb7eb6f3988c29a6bfbe37
7984ed8e0f51de45627b30d67f0df09def637b43af9030d7305e575426348f86
8637f0029edc817eb6d899b0953e8348131b083604dcbf95662f6b2543654705
8a39c44baa8108d1e168d634cd32567c9dde7fd5ee2b1bbf2e1baa513c9c868c
8f7e34bac5d2b6422bc52fe5f9a0c1faf8f2de1ab7f9d7201fcf9873a845c905
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
bf9eb43541c810e0fffdcbfc0f09f9cfe13c4cdb4191ae1ca54c0751860f4f80
ccfa5a77519697ebf931b3b707e71a6ee591136f845e233866e46a89391f7c09
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d384094a105ec2c8378afb3b6193dd1712d139fac820287d6029d8c57e1ba06e
dcbd98e678f8b6a9562aad9f1b700ddef852ea9b4fa66cab85d025fdc5c82a1b
e1df4e6ea4e9e44861b1f1a2d2f51728a68f71aaa8cd0001414c0f0965369410
fdd1d293435a55d9fb39be75b21e0656130d5618f4bd63c7227e3de1f08ffdbd
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382

malware.dontneedcoffee.com Open in urlscan Pro 2606:4700:30::6818:6e0d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

100 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

371 kBTransfer

618 kBSize

1 Cookies

4 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

1 Cookies

Indicators

malware.dontneedcoffee.com Open in urlscan Pro
2606:4700:30::6818:6e0d Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

371 kB
Transfer

618 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions