malware.dontneedcoffee.com Open in urlscan Pro
2606:4700:3032::6818:6f0d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://malware.dontneedcoffee.com/
Effective URL:
https://malware.dontneedcoffee.com/blog/
Submission: On December 30 via manual (December 30th 2020, 2:27:53 pm UTC) from FR

Summary HTTP 23 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3032::6818:6f0d, located in United States and belongs to CLOUDFLARENET, US. The main domain is malware.dontneedcoffee.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2020. Valid for: a year.

This is the only time malware.dontneedcoffee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	2606:4700:303... 2606:4700:3032::6818:6f0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
23	4

18 2606:4700:3032::6818:6f0d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

malware.dontneedcoffee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	dontneedcoffee.com 1 redirects malware.dontneedcoffee.com	309 KB
4	gstatic.com fonts.gstatic.com	57 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	7 KB
23	3

	Domain	Requested by
18	malware.dontneedcoffee.com	1 redirects malware.dontneedcoffee.com
4	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	malware.dontneedcoffee.com
23	4

This site contains links to these domains. Also see Links.

Domain
www.misp-project.org
cuckoosandbox.org
github.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://malware.dontneedcoffee.com/blog/
Frame ID: 728209331732B90CCCEB7E535480A1E6
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://malware.dontneedcoffee.com/ HTTP 301
https://malware.dontneedcoffee.com/index.html Page URL
https://malware.dontneedcoffee.com/blog/ Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

23
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

372 kB
Transfer

615 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.misp-project.org/
Title: MISP

Search URL Search Domain Scan URL

URL: https://cuckoosandbox.org/
Title: Cuckoo

Search URL Search Domain Scan URL

URL: https://github.com/Kafeine

Search URL Search Domain Scan URL

URL: https://twitter.com/Kafeine

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://malware.dontneedcoffee.com/ HTTP 301
https://malware.dontneedcoffee.com/index.html Page URL
https://malware.dontneedcoffee.com/blog/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://malware.dontneedcoffee.com/ HTTP 301
https://malware.dontneedcoffee.com/index.html

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

index.html Show response
malware.dontneedcoffee.com/
Redirect Chain

https://malware.dontneedcoffee.com/
https://malware.dontneedcoffee.com/index.html

461 B
909 B

131ms
130ms

Document
text/html

2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.dontneedcoffee.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5ec9c3d333b564648536486e532526989bc6b20e8c7f5aaaab63a3badfc41f2

Request headers

:method: GET
:authority: malware.dontneedcoffee.com
:scheme: https
:path: /index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 14:27:36 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d90ac113a51fce261262ccd91a19b180c1609338456; expires=Fri, 29-Jan-21 14:27:36 GMT; path=/; domain=.dontneedcoffee.com; HttpOnly; SameSite=Lax; Secure
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
access-control-allow-origin: *
expires: Tue, 29 Dec 2020 04:36:40 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: A460:5BB8:26CD677:299902A:5FEAAFFF
via: 1.1 varnish
age: 0
x-served-by: cache-fra19178-FRA
x-cache: HIT
x-cache-hits: 1
x-timer: S1609338457.618579,VS0,VE85
vary: Accept-Encoding
x-fastly-request-id: f3ee9ea9f1390ebe68e0e159adac6955bc2acadc
cf-cache-status: DYNAMIC
cf-request-id: 0755a52214000016f2592bd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8qAYLOlgxT%2FFbrkjUvMMqQzImAZ2ifzFBd7cWerMFsCKOCtcLppLMeXGB0j8k%2BxjL4%2BWJKOLYKxQdsYgdJIBp1yyzM4kwjospBrxXJv1lkHx%2BUpp8xRoq5sM3bqfBp7cev8RiwDNaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 609c7149bf9216f2-FRA
content-encoding: br

Redirect headers

date: Wed, 30 Dec 2020 14:27:36 GMT
cache-control: max-age=3600
expires: Wed, 30 Dec 2020 15:27:36 GMT
location: https://malware.dontneedcoffee.com/index.html
cf-request-id: 0755a521fe000016f2ef867000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oAU94jmR0C1juboiZ9VEhZUaNYysvOGCBuUbMrG9xT5bSO2Cn64oIYhzdrvfblOmHiOxDD8QFuVFgBDSwQkwjXPVTqtBHnWFmb4ypjPlV%2BQ7OI9dCCeq3gYQGeAS4VAb8ZO7tlwLGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 609c71499f5316f2-FRA

GET
H2 200 Primary Request / Show response
malware.dontneedcoffee.com/blog/ 21 KB
4 KB 108ms
107ms Document
text/html 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.dontneedcoffee.com/blog/
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f822f8039da32d3fe894d2790a13e603052270a471bd81211c86ab56782a95ec

Request headers

:method: GET
:authority: malware.dontneedcoffee.com
:scheme: https
:path: /blog/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://malware.dontneedcoffee.com/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d90ac113a51fce261262ccd91a19b180c1609338456
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://malware.dontneedcoffee.com/index.html

Response headers

date: Wed, 30 Dec 2020 14:27:36 GMT
content-type: text/html; charset=utf-8
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
access-control-allow-origin: *
expires: Wed, 30 Dec 2020 13:56:04 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 6F36:62AF:5AEB9FB:610B220:5FEC849B
via: 1.1 varnish
age: 0
x-served-by: cache-fra19143-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1609338457.756702,VS0,VE91
vary: Accept-Encoding
x-fastly-request-id: c971ac91c6599305692b65d1878bcedca8e62493
cf-cache-status: DYNAMIC
cf-request-id: 0755a522ae000016f2420f5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wmHm9TBWlO5jS9E5EQelkEv%2F4gLEE06f7QhTUs3D2f%2FuaFkPnEasDhr0wZcYgsoGzgtOWXx7SA4gxuYzJw%2BOSccv4Z3G5qWh1ql40FRwkXw5RHUseItUG%2Bww3Mss0TGPLytT4YdvCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 609c714aa92316f2-FRA
content-encoding: br

GET
H2 200 styles_feeling_responsive.css
malware.dontneedcoffee.com/assets/css/ 136 KB
18 KB 116ms
116ms Stylesheet
text/css 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.dontneedcoffee.com/assets/css/styles_feeling_responsive.css
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdd1d293435a55d9fb39be75b21e0656130d5618f4bd63c7227e3de1f08ffdbd

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 2ffe5794a1ef410372365c77c99774308dc88885
date: Wed, 30 Dec 2020 14:27:36 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-encoding: br
cf-request-id: 0755a5232b000016f244987000000001
x-served-by: cache-fra19152-FRA
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
server: cloudflare
x-github-request-id: FACE:DD54:5139B4B:56B790B:5FEC849C
x-timer: S1609335964.261485,VS0,VE96
etag: W/"5f402fb8-220ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0k9idtYDgvx1gF62silLXMA36Z8nPTzw%2F3TEk0c7JwHJEvUfo%2FewN7TcnDUfVF1FTeX2mbrPeCBvzysE8gtI0tZJEe7Jw2a8skw51SGonUYKoIzC3GNvKoK1cIyObs%2FlT7xk7NqQSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 609c714b7a7416f2-FRA
x-proxy-cache: MISS
expires: Wed, 30 Dec 2020 13:56:04 GMT

GET
H2 200 modernizr.min.js Show response
malware.dontneedcoffee.com/assets/js/ 11 KB
5 KB 104ms
104ms Script
application/javascript 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.dontneedcoffee.com/assets/js/modernizr.min.js
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 2ceb77a6e05e9a799c61ab1db2bf7a32ddeef01c
date: Wed, 30 Dec 2020 14:27:36 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-encoding: br
cf-request-id: 0755a5232c000016f2ec9ef000000001
x-served-by: cache-fra19171-FRA
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
server: cloudflare
x-github-request-id: DF38:C95B:5D4838:685E6E:5FEC8696
x-timer: S1609338457.886743,VS0,VE86
etag: W/"5f402fb8-2b4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x0xKYoh3W99L9TIzAxq2ge%2B03Qp6lQW1bgGB5Yte3aXQ7WcaBkX12sAqFGx5Rfnx0zPmPhDHrpTwo3rySY8Oq2H923lSPgY8QJHc69E%2FiRAahs4DW2g2pTVCdazJ8ZsjNRW1KeoXwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 609c714b7a7516f2-FRA
x-proxy-cache: MISS
expires: Wed, 30 Dec 2020 14:04:30 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.5.18/ 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Requested by

Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 09:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449687
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6490
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Dec 2021 09:32:49 GMT

GET
H2 200 logo.png
malware.dontneedcoffee.com/assets/img/ 29 KB
30 KB 110ms
110ms Image
image/png 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/assets/img/logo.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02cc3eb3252a538cdf95efcb9f2481f2d4732b60307f30b2bdd52992185e347c

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: b6c4ee766da7a73f5f16efde62267c0a63ac1876
date: Wed, 30 Dec 2020 14:27:37 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-length: 29737
cf-request-id: 0755a523a2000016f207acd000000001
x-served-by: cache-fra19155-FRA
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
server: cloudflare
x-github-request-id: F364:5CEB:2B915BA:2EAB99F:5FEC849B
x-timer: S1609335964.281324,VS0,VE89
etag: "5f402fb8-7429"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vtzafkpr%2B5CZzVHMt9YgkAvzPj3ftZAQOA6%2BMArrgHcuTCMUkunrOp6tApEKiFUdYzuhLX4wdH4%2B06EzKL7mdnCPrZBWSQnR1fgSNcBRBgwyCwLwk3rPFTJEkV%2F%2B3ope17EyUiMuNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 609c714c3b8916f2-FRA
x-proxy-cache: MISS
expires: Wed, 30 Dec 2020 13:56:04 GMT

GET
H2 200 OverAndOut.png
malware.dontneedcoffee.com/images/blog/ 15 KB
15 KB 113ms
110ms Image
image/png 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/OverAndOut.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5746fb94866c667904aee0ef4a2df356c26370267eac3a51d9931afcaf141aa4

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 8b855b62e6d6dd0619d2b51caffd81767a4aeec3
date: Wed, 30 Dec 2020 14:27:37 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
x-origin-cache: HIT
content-length: 14940
cf-request-id: 0755a523c5000016f230081000000001
x-served-by: cache-fra19169-FRA
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
server: cloudflare
x-github-request-id: C056:DD53:2A72B0C:2D7F564:5FEC849C
x-timer: S1609335964.476735,VS0,VE94
etag: "5f402fb8-3a5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BBrFnIwVS42kwgWnI0RS%2BluwvMBvmgvoGZS6QZuSr7LPh0eL%2FTuNu5A6wUWl7zmxrEFJa5CnWhxcJR9EQ8XZzmPJR1MxuoWelz0mkuafa54LEGb9b05R%2BMIZoB%2FGwjCfvlqkXl5zJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 609c714c6beb16f2-FRA
x-proxy-cache: MISS
expires: Wed, 30 Dec 2020 13:56:04 GMT

GET
H2 200 CVE-2018-15982.png
malware.dontneedcoffee.com/images/blog/CVE-2018-15982/ 6 KB
6 KB 115ms
112ms Image
image/png 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/CVE-2018-15982/CVE-2018-15982.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0223ac074a955842eefd96a49a4f288233c622237fa14f9baeed98a93677af55

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: a1cdb08a81d182350379bbc8e98ed3f644a44f19
date: Wed, 30 Dec 2020 14:27:37 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
x-origin-cache: HIT
content-length: 6044
cf-request-id: 0755a523c5000016f264026000000001
x-served-by: cache-fra19152-FRA
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
server: cloudflare
x-github-request-id: C2E4:FEC2:2C95D8B:2FC0987:5FEC849C
x-timer: S1609335964.483242,VS0,VE88
etag: "5f402fb8-179c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lDjkbmDCBnhcjcCUejgv3pPeRKhSVtD0IwdXfxA%2FybJG9RtBX%2FZKLBqlL5eEIswq7gcIu641st%2BWRKPkJulmUvmfnyuFzRbN1ytk6Isu65tG3AopWF372DEsptTa8HIbH%2BlLuroNSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 609c714c6bec16f2-FRA
x-proxy-cache: MISS
expires: Wed, 30 Dec 2020 13:56:04 GMT

GET
H2 200 CVE-2018-8174.png
malware.dontneedcoffee.com/images/blog/CVE-2018-8174/ 20 KB
21 KB 114ms
111ms Image
image/png 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/CVE-2018-8174/CVE-2018-8174.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccfa5a77519697ebf931b3b707e71a6ee591136f845e233866e46a89391f7c09

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: cc5db1da6378b07a432ec59fa59ee902628dbd9f
date: Wed, 30 Dec 2020 14:27:37 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-length: 20967
cf-request-id: 0755a523c6000016f2f69b1000000001
x-served-by: cache-fra19135-FRA
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
server: cloudflare
x-github-request-id: 771C:FEC3:5001814:556A646:5FEC849C
x-timer: S1609335965.670577,VS0,VE90
etag: "5f402fb8-51e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NrlUVjkRmVakyQH1ENeTiEykADHbTORhuL1mZ2sNDVmcAW5ENXISl2jqWOd6b78NRnzQv7lsI9RX3eq6CESf0Ihp3%2BUzco8sZ3uyM2ORr4VSO9zjLLndhdB%2Bn9znWjWn%2BqTNwpzSFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 609c714c6bed16f2-FRA
x-proxy-cache: MISS
expires: Wed, 30 Dec 2020 13:56:04 GMT

GET
H2 200 CVE-2018-4878.png
malware.dontneedcoffee.com/images/blog/CVE-2018-4878/ 19 KB
20 KB 111ms
109ms Image
image/png 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/CVE-2018-4878/CVE-2018-4878.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8637f0029edc817eb6d899b0953e8348131b083604dcbf95662f6b2543654705

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 1815fc59176cf2545c34dc6c55749d909db9d864
date: Wed, 30 Dec 2020 14:27:37 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
x-origin-cache: HIT
content-length: 19704
cf-request-id: 0755a523c6000016f21a137000000001
x-served-by: cache-fra19176-FRA
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
server: cloudflare
x-github-request-id: B416:62AF:5AEBA3D:610B25B:5FEC849C
x-timer: S1609335965.683989,VS0,VE166
etag: "5f402fb8-4cf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hrwdZOJyOmnpN2XYgpldh1YVVa4kgw8FneRCoG9RGmZekmoYrw25k7oD84ApYcYi3e58FjMP7kxTsPitS1fVadlT7cxNuP5NuWDkVlt4rBF1GEHOSeTajUVqneA2Ns0u8RTKBmzOoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 609c714c6bf016f2-FRA
x-proxy-cache: MISS
expires: Wed, 30 Dec 2020 13:56:04 GMT

GET
H2 200 TSS-IE.png
malware.dontneedcoffee.com/images/blog/hosted/kotd/ 44 KB
44 KB 105ms
103ms Image
image/png 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/hosted/kotd/TSS-IE.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 707882431fd8e45715c21a6c9ab57b95f10dd8b978cb7eb6f3988c29a6bfbe37

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 93c7ec64e81c23c6adf8b2350acf8a90fa2d4f08
date: Wed, 30 Dec 2020 14:27:37 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
x-origin-cache: HIT
content-length: 44801
cf-request-id: 0755a523c6000016f208a13000000001
x-served-by: cache-fra19135-FRA
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
server: cloudflare
x-github-request-id: A282:A41E:655848:70F4AE:5FEC849C
x-timer: S1609335965.687165,VS0,VE86
etag: "5f402fb8-af01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XGaqIh7jYREXCzDgtQSyFj1QImokhGnEPvRcdsASfVDsBqsXaWtFAoxcvfh%2B5jXc4STNTqSTubGIUshTnnWyAxESfJnGcsFt79yy17UAgR2kFtvfjetPA2o5WopIiIs%2FvAuQ%2BMX%2B8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 609c714c6bf216f2-FRA
x-proxy-cache: MISS
expires: Wed, 30 Dec 2020 13:56:04 GMT

GET
H2 200 Logo.svg.png
malware.dontneedcoffee.com/images/blog/Coala/ 20 KB
20 KB 113ms
111ms Image
image/png 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/Coala/Logo.svg.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf9eb43541c810e0fffdcbfc0f09f9cfe13c4cdb4191ae1ca54c0751860f4f80

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 7e60e03b3458d5a92159b02c915c605d560ecff6
date: Wed, 30 Dec 2020 14:27:37 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
x-origin-cache: HIT
content-length: 19985
cf-request-id: 0755a523c6000016f22488a000000001
x-served-by: cache-fra19136-FRA
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
server: cloudflare
x-github-request-id: C2E4:FEC2:2C95D9D:2FC099F:5FEC849C
x-timer: S1609335965.902553,VS0,VE86
etag: "5f402fb8-4e11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZYPxqgiHXputON3y1u5t8RLzQ83rsZMYKeSQboDmksMuP6rixJ61jnQ64%2BkAVzvGo0YnTIbFrMWGClL%2B2PRV271vRRDi7M%2BalEQeG2ZyVqnN0CbsT9mYTicC%2FNfs02GVSSBLsYgcpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 609c714c6bf516f2-FRA
x-proxy-cache: MISS
expires: Wed, 30 Dec 2020 13:56:04 GMT

GET
H2 200 Nebula_logo.png
malware.dontneedcoffee.com/images/blog/Nebula/ 1 KB
2 KB 104ms
102ms Image
image/png 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/Nebula/Nebula_logo.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6843832da092ac80f4a32e2ffc05a15be05f2899e373f439b97a718bbf142dee

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: d0d16569292647ed25e81f0fe936e0db9b60f9ce
date: Wed, 30 Dec 2020 14:27:37 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
x-origin-cache: HIT
content-length: 1241
cf-request-id: 0755a523c6000016f22d963000000001
x-served-by: cache-fra19136-FRA
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
server: cloudflare
x-github-request-id: 3CEC:F50E:54D3FCB:5A94383:5FEC849C
x-timer: S1609335965.919449,VS0,VE84
etag: "5f402fb8-4d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KAflVoXwRwL7JZYS8xXblQkcFk4GPlAcNRAIghcmyB024STbE2WkQ75C%2Fn%2Fq1zZG0Dc3rkhSPjFkCtOMq5RRGXcRSXmZpxC6b7B3fGYGOwtLOYz%2B%2BBaCwVOWokhrX5p0loS%2By4Yz%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 609c714c6bf616f2-FRA
x-proxy-cache: MISS
expires: Wed, 30 Dec 2020 13:56:04 GMT

GET
H2 200 CVE-2016-7200-7201.png
malware.dontneedcoffee.com/images/blog/CVE-2016-7200-7201/ 28 KB
28 KB 105ms
104ms Image
image/png 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/CVE-2016-7200-7201/CVE-2016-7200-7201.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a39c44baa8108d1e168d634cd32567c9dde7fd5ee2b1bbf2e1baa513c9c868c

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 9ba5d3b12ed88d717fa0a3857093979b4220d601
date: Wed, 30 Dec 2020 14:27:37 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
x-origin-cache: HIT
content-length: 28347
cf-request-id: 0755a523c7000016f2ed26f000000001
x-served-by: cache-fra19162-FRA
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
server: cloudflare
x-github-request-id: D5F0:62AF:5AEBA69:610B2AA:5FEC849C
x-timer: S1609335965.068333,VS0,VE88
etag: "5f402fb8-6ebb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8O6eVLheGQoCvdnQtmCiVgLpNN2%2B3GaiHwEUwDq8xOIVOXtHPPCaLi%2FDI49VGDb%2BL9H24dWDjiHt%2FvYXWtfFmlU9RvAJShBHMqTsID6biESfND9ojdvqttdVtk2EWeoOGQuNn2xBQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 609c714c6bf916f2-FRA
x-proxy-cache: MISS
expires: Wed, 30 Dec 2020 13:56:05 GMT

GET
H2 200 goodbye.jpg
malware.dontneedcoffee.com/images/blog/Neutrino-waves/ 4 KB
5 KB 115ms
113ms Image
image/jpeg 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/Neutrino-waves/goodbye.jpg
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f7e34bac5d2b6422bc52fe5f9a0c1faf8f2de1ab7f9d7201fcf9873a845c905

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: f1b7e490123e065aaa9a034760c1bb8464ff7bd9
date: Wed, 30 Dec 2020 14:27:37 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
x-origin-cache: HIT
content-length: 4412
cf-request-id: 0755a523c8000016f200176000000001
x-served-by: cache-fra19131-FRA
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
server: cloudflare
x-github-request-id: D298:3BE3:4DFC3BD:534C38D:5FEC849C
x-timer: S1609335965.140817,VS0,VE85
etag: "5f402fb8-113c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MEy81hc%2FzavJB1CWCgIDh7R5EC23HZNZL6orjS34KF7rB4Ph9Ta1BltQlCctQGWffmzwZcFbIGNByh0KTJhXurMA2Edl2%2Fs5CVs6uFAcPdxp%2FpXrx3gz8pwW91MGAHJyKKz9IxKd9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 609c714c6bfc16f2-FRA
x-proxy-cache: MISS
expires: Wed, 30 Dec 2020 13:56:05 GMT

GET
H2 200 ponyfork.png
malware.dontneedcoffee.com/images/blog/Fox-Stealer/ 36 KB
37 KB 114ms
113ms Image
image/png 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.dontneedcoffee.com/images/blog/Fox-Stealer/ponyfork.png
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 161fc62e19a9fc3c74f06dc6b81bf1c6c1b359df98b8e1b065b3dc928905a811

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: da7591cd47d1cd47d6a803b47e51157159602027
date: Wed, 30 Dec 2020 14:27:37 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
x-origin-cache: HIT
content-length: 37334
cf-request-id: 0755a523c8000016f229aa0000000001
x-served-by: cache-fra19156-FRA
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
server: cloudflare
x-github-request-id: 6A6E:3BE0:8CFD77:9B3C1C:5FEC849D
x-timer: S1609335965.137259,VS0,VE86
etag: "5f402fb8-91d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nm2FfZpJBETy8kNrCn7THK3%2BlpmV86%2F9kd2W1lz1f26Hq9odN2Pr%2FhLV5xbBLKJtVBt2dgP%2BBihT%2BITh8MHy10s5%2F0HxdBnD7yBwOdpKDKmGLhBDVw1rMIT%2B6MPqdWehQkwMUc9YTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 609c714c6bfd16f2-FRA
x-proxy-cache: MISS
expires: Wed, 30 Dec 2020 13:56:05 GMT

GET
H2 200 javascript.min.js Show response
malware.dontneedcoffee.com/assets/js/ 139 KB
43 KB 114ms
114ms Script
application/javascript 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.dontneedcoffee.com/assets/js/javascript.min.js
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66dcce30a04c85fcf10d511f783fd1bd72a15b9097c6f3d48a35fd1196cb805e

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 9fb9bfd33c2b80747f42c5fa8fa673975cdced75
date: Wed, 30 Dec 2020 14:27:37 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-encoding: br
x-origin-cache: HIT
cf-request-id: 0755a52394000016f21a133000000001
x-served-by: cache-fra19126-FRA
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
server: cloudflare
x-github-request-id: F1F8:A425:554FB2C:5B17630:5FEC8696
x-timer: S1609338457.993284,VS0,VE85
etag: W/"5f402fb8-22dbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BAA7Iv1s1lJ3No1mV80VCowmlmUlazzrMhCsq5KrfOhzmfPACrikcreYPxkuApCcCVgQ2KE%2FDu3Q8WN7Z%2FTYHedSnnfrvfHLtdt62noHu%2FShsZXhBGVlKWTsI%2F99iwDKUgersapGIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 609c714c2b6e16f2-FRA
x-proxy-cache: MISS
expires: Wed, 30 Dec 2020 14:04:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
585 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CVolkhov&subset=latin,latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02b40d517968203371f045a4e175a410ab3bb28d84d4d7319b6ff72d4ed0e132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://malware.dontneedcoffee.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Dec 2020 14:27:37 GMT
server: ESF
date: Wed, 30 Dec 2020 14:27:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Dec 2020 14:27:37 GMT

GET
H2 200 iconfont.woff
malware.dontneedcoffee.com/assets/fonts/ 10 KB
10 KB 108ms
108ms Font
font/woff 2606:4700:3032::6818:6f0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.dontneedcoffee.com/assets/fonts/iconfont.woff
Requested by: Host: malware.dontneedcoffee.com
URL: https://malware.dontneedcoffee.com/assets/css/styles_feeling_responsive.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:6f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61405347983337437e990852beb51bc4f7bc28385fdd23fd2687c81d5867d063

Request headers

Origin: https://malware.dontneedcoffee.com
Referer: https://malware.dontneedcoffee.com/assets/css/styles_feeling_responsive.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 535c0ba7c639127f61717ad26888d9e95834d873
date: Wed, 30 Dec 2020 14:27:37 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-length: 10092
cf-request-id: 0755a523c8000016f25728c000000001
x-served-by: cache-fra19166-FRA
last-modified: Fri, 21 Aug 2020 20:34:00 GMT
server: cloudflare
x-github-request-id: B494:C95E:57FEFEA:5DF3938:5FEC849C
x-timer: S1609335964.453381,VS0,VE89
etag: "5f402fb8-276c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D9vIDgQHpDQjanVV%2FFyEj6tcbHUlw8WmOrAdUXM52YAcDPubgZlD9nUdN%2B%2B2XsDYXWrjcOrdgMGtoLjpo6pdTKcMg8gklauBEUN249X4YyduogMMl0HyKG07BLbza5obT34gSguLkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 609c714c7bff16f2-FRA
x-proxy-cache: MISS
expires: Wed, 30 Dec 2020 13:56:04 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CVolkhov&subset=latin,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://malware.dontneedcoffee.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CVolkhov&subset=latin,latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Dec 2020 18:04:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 591803
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Thu, 23 Dec 2021 18:04:14 GMT

GET
H2 200 SlGQmQieoJcKemNecTUEhV5wYDw.woff2
fonts.gstatic.com/s/volkhov/v12/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/volkhov/v12/SlGQmQieoJcKemNecTUEhV5wYDw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CVolkhov&subset=latin,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7984ed8e0f51de45627b30d67f0df09def637b43af9030d7305e575426348f86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://malware.dontneedcoffee.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CVolkhov&subset=latin,latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 17:05:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 03:49:36 GMT
server: sffe
age: 76929
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14324
x-xss-protection: 0
expires: Wed, 29 Dec 2021 17:05:28 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 35ms
20ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CVolkhov&subset=latin,latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://malware.dontneedcoffee.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CVolkhov&subset=latin,latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 06:27:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 460787
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Sat, 25 Dec 2021 06:27:50 GMT

GET
H3-Q050 200 S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v17/ 15 KB
15 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CVolkhov&subset=latin,latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://malware.dontneedcoffee.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CVolkhov&subset=latin,latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 09:53:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 16440
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14864
x-xss-protection: 0
expires: Thu, 30 Dec 2021 09:53:37 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dontneedcoffee.com/	1970-01-19 15:45:30	Name: __cfduid Value: d90ac113a51fce261262ccd91a19b180c1609338456

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
malware.dontneedcoffee.com
2606:4700:3032::6818:6f0d
2a00:1450:4001:802::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:825::2003
0223ac074a955842eefd96a49a4f288233c622237fa14f9baeed98a93677af55
02b40d517968203371f045a4e175a410ab3bb28d84d4d7319b6ff72d4ed0e132
02cc3eb3252a538cdf95efcb9f2481f2d4732b60307f30b2bdd52992185e347c
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
161fc62e19a9fc3c74f06dc6b81bf1c6c1b359df98b8e1b065b3dc928905a811
5746fb94866c667904aee0ef4a2df356c26370267eac3a51d9931afcaf141aa4
61405347983337437e990852beb51bc4f7bc28385fdd23fd2687c81d5867d063
66dcce30a04c85fcf10d511f783fd1bd72a15b9097c6f3d48a35fd1196cb805e
6843832da092ac80f4a32e2ffc05a15be05f2899e373f439b97a718bbf142dee
707882431fd8e45715c21a6c9ab57b95f10dd8b978cb7eb6f3988c29a6bfbe37
7984ed8e0f51de45627b30d67f0df09def637b43af9030d7305e575426348f86
8637f0029edc817eb6d899b0953e8348131b083604dcbf95662f6b2543654705
8a39c44baa8108d1e168d634cd32567c9dde7fd5ee2b1bbf2e1baa513c9c868c
8f7e34bac5d2b6422bc52fe5f9a0c1faf8f2de1ab7f9d7201fcf9873a845c905
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
bf9eb43541c810e0fffdcbfc0f09f9cfe13c4cdb4191ae1ca54c0751860f4f80
ccfa5a77519697ebf931b3b707e71a6ee591136f845e233866e46a89391f7c09
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d5ec9c3d333b564648536486e532526989bc6b20e8c7f5aaaab63a3badfc41f2
f822f8039da32d3fe894d2790a13e603052270a471bd81211c86ab56782a95ec
fdd1d293435a55d9fb39be75b21e0656130d5618f4bd63c7227e3de1f08ffdbd
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382

malware.dontneedcoffee.com Open in urlscan Pro 2606:4700:3032::6818:6f0d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

100 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

372 kBTransfer

615 kBSize

1 Cookies

4 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

1 Cookies

Indicators

malware.dontneedcoffee.com Open in urlscan Pro
2606:4700:3032::6818:6f0d Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

372 kB
Transfer

615 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions