privatesupport.xyz Open in urlscan Pro
2606:4700:3034::6818:7332 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://privatesupport.xyz/
Submission: On August 25 via automatic, source certstream-suspicious (August 25th 2020, 11:28:35 am UTC)

Summary HTTP 16 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 2 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3034::6818:7332, located in United States and belongs to CLOUDFLARENET, US. The main domain is privatesupport.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 1st 2020. Valid for: a year.

This is the only time privatesupport.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3034::6818:7332	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	95.216.72.81 95.216.72.81	24940 (HETZNER-AS) (HETZNER-AS)
4	94.130.237.119 94.130.237.119	24940 (HETZNER-AS) (HETZNER-AS)
3	144.76.3.14 144.76.3.14	24940 (HETZNER-AS) (HETZNER-AS)
16	5

7 2606:4700:3034::6818:7332 (United States)

ASN13335 (CLOUDFLARENET, US)

privatesupport.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.72.81 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.81.72.216.95.clients.your-server.de

widget.helpcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-new.helpcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.130.237.119 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.119.237.130.94.clients.your-server.de

privatesupport.helpcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 144.76.3.14 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.14.3.76.144.clients.your-server.de

helpcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	helpcrunch.com widget.helpcrunch.com widget-new.helpcrunch.com privatesupport.helpcrunch.com helpcrunch.com	450 KB
7	privatesupport.xyz privatesupport.xyz	206 KB
16	2

	Domain	Requested by
7	privatesupport.xyz	privatesupport.xyz
4	privatesupport.helpcrunch.com	widget-new.helpcrunch.com
3	helpcrunch.com	privatesupport.xyz
1	widget-new.helpcrunch.com	widget.helpcrunch.com
1	widget.helpcrunch.com	privatesupport.xyz
16	5

This site contains links to these domains. Also see Links.

Domain
ahrefs.com
majestic.com
www.semrush.com
keywordtool.io
www.storyblocks.com
app.buzzsumo.com
analytics.moz.com
domcop.com
www.canva.com
mangools.com
create.piktochart.com
www.videoblocks.com
stmforum.com
mythemeshop.com
thrivethemes.com
uat.idvert.com
mobile.adplexity.com
native.adplexity.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-01` - `2021-08-01`	a year	crt.sh
*.helpcrunch.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2021-05-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://privatesupport.xyz/
Frame ID: B11B65563725E7A241FAD5927985F986
Requests: 10 HTTP requests in this frame

Frame: https://widget-new.helpcrunch.com/sdk-code.js?ver=1597745063742
Frame ID: 89E8B5FC3AF0B0785820D2735E0AAC5B
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

16
Requests

100 %
HTTPS

25 %
IPv6

2
Domains

5
Subdomains

5
IPs

3
Countries

657 kB
Transfer

2340 kB
Size

1
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://ahrefs.com/site-explorer
Title: Ahrefs

Search URL Search Domain Scan URL

URL: https://majestic.com/account
Title: Majestic

Search URL Search Domain Scan URL

URL: https://www.semrush.com/
Title: SEMrush

Search URL Search Domain Scan URL

URL: https://keywordtool.io/
Title: Keywordtool.io

Search URL Search Domain Scan URL

URL: https://www.storyblocks.com/
Title: Storyblocks

Search URL Search Domain Scan URL

URL: https://app.buzzsumo.com/
Title: Buzzsumo

Search URL Search Domain Scan URL

URL: https://analytics.moz.com/
Title: Moz Pro

Search URL Search Domain Scan URL

URL: https://domcop.com/
Title: Find Domain

Search URL Search Domain Scan URL

URL: https://www.canva.com/
Title: Canava

Search URL Search Domain Scan URL

URL: https://mangools.com/
Title: KwFinder

Search URL Search Domain Scan URL

URL: https://create.piktochart.com/teams/14769716/dashboard
Title: Piktochart

Search URL Search Domain Scan URL

URL: https://www.videoblocks.com/
Title: Video Block

Search URL Search Domain Scan URL

URL: https://stmforum.com/forum/
Title: stmforum

Search URL Search Domain Scan URL

URL: https://mythemeshop.com/my-account/
Title: MythemShop

Search URL Search Domain Scan URL

URL: https://thrivethemes.com/members/main/
Title: Thrive

Search URL Search Domain Scan URL

URL: https://uat.idvert.com/findIdvert/index
Title: Idvert

Search URL Search Domain Scan URL

URL: https://mobile.adplexity.com/
Title: Adp Mobile

Search URL Search Domain Scan URL

URL: https://native.adplexity.com/
Title: Adp Native

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
privatesupport.xyz/ 60 KB
9 KB 145ms
108ms Document
text/html 2606:4700:3034::6818:7332
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privatesupport.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d175b6988eee1af7681493061d85a68bad6b399944320882cabb5e882baffdd

Request headers

:method: GET
:authority: privatesupport.xyz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 25 Aug 2020 11:28:18 GMT
content-type: text/html
set-cookie: __cfduid=dd44bcecedae8022cf88a9610970ce0c61598354898; expires=Thu, 24-Sep-20 11:28:18 GMT; path=/; domain=.privatesupport.xyz; HttpOnly; SameSite=Lax
last-modified: Sat, 01 Aug 2020 14:21:34 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 04c6f956a20000074a623b4200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c84f804384a074a-FRA
content-encoding: br

GET
H2 200 ripple.css
privatesupport.xyz/css/ 696 B
341 B 113ms
112ms Stylesheet
text/css 2606:4700:3034::6818:7332
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privatesupport.xyz/css/ripple.css
Requested by: Host: privatesupport.xyz
URL: https://privatesupport.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f17b6f6f6b902adcfbb734ca5822f3fb974023d385e49fd531dbcba0e632141d

Request headers

Referer: https://privatesupport.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 25 Aug 2020 11:28:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 01 Aug 2020 14:20:32 GMT
server: cloudflare
etag: W/"2b8-5abd19bb428e8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5c84f804ea75074a-FRA
cf-request-id: 04c6f957120000074a623c2200000001

GET
H2 200 newtab.css
privatesupport.xyz/css/ 3 KB
831 B 117ms
116ms Stylesheet
text/css 2606:4700:3034::6818:7332
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privatesupport.xyz/css/newtab.css
Requested by: Host: privatesupport.xyz
URL: https://privatesupport.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc87ce56392bb05e63dcabfba935d32d06fc1e92a11774d8c00f4eeadbbc052c

Request headers

Referer: https://privatesupport.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 25 Aug 2020 11:28:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 01 Aug 2020 14:20:31 GMT
server: cloudflare
etag: W/"a89-5abd19ba4f648-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5c84f804ea77074a-FRA
cf-request-id: 04c6f957130000074a623c3200000001

GET
H2 200 jquery-3.1.0.min.js Show response
privatesupport.xyz/js/jquery/ 86 KB
30 KB 119ms
118ms Script
application/javascript 2606:4700:3034::6818:7332
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privatesupport.xyz/js/jquery/jquery-3.1.0.min.js
Requested by: Host: privatesupport.xyz
URL: https://privatesupport.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Request headers

Referer: https://privatesupport.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 25 Aug 2020 11:28:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 01 Aug 2020 14:19:52 GMT
server: cloudflare
etag: W/"15850-5abd1994f6d88-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5c84f804ea7c074a-FRA
cf-request-id: 04c6f957130000074a623c4200000001

GET
H2 200 ripple.js Show response
privatesupport.xyz/js/materialdesign/ 3 KB
603 B 107ms
106ms Script
application/javascript 2606:4700:3034::6818:7332
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privatesupport.xyz/js/materialdesign/ripple.js
Requested by: Host: privatesupport.xyz
URL: https://privatesupport.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 554bf32a91e5a03301bd637456b1c3342577d97c308b59f6bde5b58b8dd7e591

Request headers

Referer: https://privatesupport.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 25 Aug 2020 11:28:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 01 Aug 2020 14:19:58 GMT
server: cloudflare
etag: W/"be1-5abd199ade908-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5c84f804ea7f074a-FRA
cf-request-id: 04c6f957140000074a623c5200000001

GET
H2 200 newtab.js Show response
privatesupport.xyz/js/ 11 KB
7 KB 114ms
113ms Script
application/javascript 2606:4700:3034::6818:7332
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privatesupport.xyz/js/newtab.js
Requested by: Host: privatesupport.xyz
URL: https://privatesupport.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee715db5ba32f16d1dfbbdeb952bf92996443d2f249c2d3bda4a6509659d4af

Request headers

Referer: https://privatesupport.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 25 Aug 2020 11:28:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 01 Aug 2020 14:19:19 GMT
server: cloudflare
etag: W/"2d73-5abd1975f9408-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5c84f804ea81074a-FRA
cf-request-id: 04c6f957140000074a623c6200000001

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7b206f72a5f7c6b41f371bcc7956aa9fa0a463003d778a5a5591f40358e316d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Roboto.ttf
privatesupport.xyz/fonts/ 159 KB
159 KB 110ms
110ms Font
application/octet-stream 2606:4700:3034::6818:7332
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privatesupport.xyz/fonts/Roboto.ttf
Requested by: Host: privatesupport.xyz
URL: https://privatesupport.xyz/css/newtab.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://privatesupport.xyz
Referer: https://privatesupport.xyz/css/newtab.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 25 Aug 2020 11:28:18 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Aug 2020 14:19:11 GMT
server: cloudflare
etag: "27c3c-5abd196e591a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c84f805bd42074a-FRA
content-length: 162876
cf-request-id: 04c6f957900000074a623d1200000001

GET
H/1.1 200
OK / Show response
widget.helpcrunch.com/ 4 KB
2 KB 264ms
71ms Script
application/javascript 95.216.72.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.helpcrunch.com/
Requested by: Host: privatesupport.xyz
URL: https://privatesupport.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.216.72.81 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.81.72.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e4c0543fc090c8dc1cc71eddcfa7c3ee6f96a00c75e81395c6d9b0d10d922521

Request headers

Referer: https://privatesupport.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 25 Aug 2020 11:28:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Aug 2020 10:04:24 GMT
Server: nginx
ETag: W/"5f3ba7a8-11d2"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1, no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 25 Aug 2020 11:28:20 GMT

GET
H/1.1 200
OK sdk-code.js Show response
widget-new.helpcrunch.com/ Frame 89E8 2 MB
388 KB 337ms
132ms Script
application/javascript 95.216.72.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-new.helpcrunch.com/sdk-code.js?ver=1597745063742
Requested by: Host: widget.helpcrunch.com
URL: https://widget.helpcrunch.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.216.72.81 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.81.72.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 29a8bdbb5d3a505affbde0a41e45a04540bb8a68032ed0f7ff87d55e20978397

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 25 Aug 2020 11:28:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Aug 2020 10:04:44 GMT
Server: nginx
ETag: W/"5f3ba7bc-1ce719"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

OPTIONS
H/1.1 200
OK time
privatesupport.helpcrunch.com/ Frame 0
0 200ms
55ms Other
text/plain 94.130.237.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://privatesupport.helpcrunch.com/time

Protocol

HTTP/1.1

Server

94.130.237.119 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.119.237.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://privatesupport.xyz
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 25 Aug 2020 11:28:20 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: ACCEPT, CONTENT-TYPE
Access-Control-Allow-Origin: *
Content-Security-Policy: frame-ancestors 'none';
Service: 3cc
ServerName: Paid-1
Content-Encoding: gzip

OPTIONS
H/1.1 200
OK 5002
privatesupport.helpcrunch.com/api/v2/applications/ Frame 0
0 206ms
93ms Other
text/html 94.130.237.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://privatesupport.helpcrunch.com/api/v2/applications/5002

Protocol

HTTP/1.1

Server

94.130.237.119 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.119.237.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://privatesupport.xyz
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Tue, 25 Aug 2020 11:28:20 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: DELETE, GET, POST, PUT, PATCH
Access-Control-Allow-Headers: AUTHORIZATION,CONTENT-TYPE
Content-Security-Policy: frame-ancestors 'none';
Service: 3cc
ServerName: Paid-1
Content-Encoding: gzip

GET
H/1.1 200
OK time Show response
privatesupport.helpcrunch.com/ Frame 89E8 24 B
480 B 99ms
98ms XHR
text/plain 94.130.237.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://privatesupport.helpcrunch.com/time

Requested by

Host: widget-new.helpcrunch.com
URL: https://widget-new.helpcrunch.com/sdk-code.js?ver=1597745063742

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

94.130.237.119 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.119.237.130.94.clients.your-server.de

Software

nginx /

Resource Hash

18267ec5d7fd57bdd8a25c6376f7084c1240ebadf21276a2c97fa57b522dda43

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 25 Aug 2020 11:28:20 GMT
Content-Encoding: gzip
Service: 3cc
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'none';
Connection: keep-alive
ServerName: Paid-1
Access-Control-Allow-Headers: ACCEPT, CONTENT-TYPE
Server: nginx

GET
H/1.1 200
OK 5002 Show response
privatesupport.helpcrunch.com/api/v2/applications/ Frame 89E8 112 KB
15 KB 427ms
426ms XHR
application/json 94.130.237.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://privatesupport.helpcrunch.com/api/v2/applications/5002

Requested by

Host: widget-new.helpcrunch.com
URL: https://widget-new.helpcrunch.com/sdk-code.js?ver=1597745063742

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

94.130.237.119 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.119.237.130.94.clients.your-server.de

Software

nginx /

Resource Hash

ec183692223d69e2d2cc4a988e35bcd6219ef21819bb83afd4ee7e386daf6aae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept: application/json, text/plain, */*
Referer
Authorization: Bearer product="5002" secret="+whngnPyqV8xC+ODz+AtWjHC25c0uXqie7E4pTXJBw5pNYo4mR0uk0eYhcwX317G8STbRH0/jPKNIp8zla+WbQ=="
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 25 Aug 2020 11:28:20 GMT
Content-Encoding: gzip
Service: 3cc
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'none';
Connection: keep-alive
Access-Control-Allow-Credentials: true
ServerName: Paid-1
Server: nginx

GET
H/1.1 200
OK HelveticaNeueCyr-Roman.woff
helpcrunch.com/fonts/widget/ Frame 89E8 15 KB
15 KB 186ms
72ms Font
application/font-woff 144.76.3.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://helpcrunch.com/fonts/widget/HelveticaNeueCyr-Roman.woff
Requested by: Host: privatesupport.xyz
URL: https://privatesupport.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.3.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.14.3.76.144.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Origin: https://privatesupport.xyz
Referer: https://privatesupport.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 25 Aug 2020 11:28:20 GMT
Last-Modified: Wed, 19 Aug 2020 08:37:43 GMT
Server: nginx
ETag: "5f3ce4d7-3ab0"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=30758400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15024
Expires: Mon, 16 Aug 2021 11:28:20 GMT

GET
H/1.1 200
OK HelveticaNeueCyr-Medium.woff
helpcrunch.com/fonts/widget/ Frame 89E8 15 KB
15 KB 67ms
67ms Font
application/font-woff 144.76.3.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://helpcrunch.com/fonts/widget/HelveticaNeueCyr-Medium.woff
Requested by: Host: privatesupport.xyz
URL: https://privatesupport.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.3.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.14.3.76.144.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Origin: https://privatesupport.xyz
Referer: https://privatesupport.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 25 Aug 2020 11:28:20 GMT
Last-Modified: Wed, 19 Aug 2020 08:37:43 GMT
Server: nginx
ETag: "5f3ce4d7-3a04"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=30758400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14852
Expires: Mon, 16 Aug 2021 11:28:20 GMT

GET
H/1.1 200
OK HelveticaNeueCyr-Bold.woff
helpcrunch.com/fonts/widget/ Frame 89E8 14 KB
15 KB 118ms
50ms Font
application/font-woff 144.76.3.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://helpcrunch.com/fonts/widget/HelveticaNeueCyr-Bold.woff
Requested by: Host: privatesupport.xyz
URL: https://privatesupport.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.3.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.14.3.76.144.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Origin: https://privatesupport.xyz
Referer: https://privatesupport.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 25 Aug 2020 11:28:20 GMT
Last-Modified: Wed, 19 Aug 2020 08:37:43 GMT
Server: nginx
ETag: "5f3ce4d7-3968"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=30758400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14696
Expires: Mon, 16 Aug 2021 11:28:20 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.privatesupport.xyz/	1970-01-19 12:42:26	Name: __cfduid Value: dd44bcecedae8022cf88a9610970ce0c61598354898

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

helpcrunch.com
privatesupport.helpcrunch.com
privatesupport.xyz
widget-new.helpcrunch.com
widget.helpcrunch.com
144.76.3.14
2606:4700:3034::6818:7332
94.130.237.119
95.216.72.81
18267ec5d7fd57bdd8a25c6376f7084c1240ebadf21276a2c97fa57b522dda43
1d175b6988eee1af7681493061d85a68bad6b399944320882cabb5e882baffdd
29a8bdbb5d3a505affbde0a41e45a04540bb8a68032ed0f7ff87d55e20978397
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
554bf32a91e5a03301bd637456b1c3342577d97c308b59f6bde5b58b8dd7e591
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
9ee715db5ba32f16d1dfbbdeb952bf92996443d2f249c2d3bda4a6509659d4af
b7b206f72a5f7c6b41f371bcc7956aa9fa0a463003d778a5a5591f40358e316d
bc87ce56392bb05e63dcabfba935d32d06fc1e92a11774d8c00f4eeadbbc052c
e4c0543fc090c8dc1cc71eddcfa7c3ee6f96a00c75e81395c6d9b0d10d922521
ec183692223d69e2d2cc4a988e35bcd6219ef21819bb83afd4ee7e386daf6aae
f17b6f6f6b902adcfbb734ca5822f3fb974023d385e49fd531dbcba0e632141d

privatesupport.xyz Open in urlscan Pro 2606:4700:3034::6818:7332 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

25 %IPv6

2 Domains

5 Subdomains

5 IPs

3 Countries

657 kBTransfer

2340 kBSize

1 Cookies

18 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

Indicators

privatesupport.xyz Open in urlscan Pro
2606:4700:3034::6818:7332 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

25 %
IPv6

2
Domains

5
Subdomains

5
IPs

3
Countries

657 kB
Transfer

2340 kB
Size

1
Cookies

16 HTTP transactions
2 data transactions