www.malwareurl.com Open in urlscan Pro
78.159.108.169 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.malwareurl.com/listing.php?domain=omnitruck.chef.io
Effective URL:
https://www.malwareurl.com/index.php
Submission: On January 31 via manual (January 31st 2024, 5:38:28 pm UTC) from US — Scanned from DE

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 32 HTTP transactions. The main IP is 78.159.108.169, located in Berlin, Germany and belongs to LEASEWEB-DE-FRA-10, DE. The main domain is www.malwareurl.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on July 2nd 2023. Valid for: a year.

This is the only time www.malwareurl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	78.159.108.169 78.159.108.169	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700::68... 2606:4700::6811:3b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.174.87 52.222.174.87	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	3.12.27.175 3.12.27.175	16509 (AMAZON-02) (AMAZON-02)
1	18.173.187.119 18.173.187.119	16509 (AMAZON-02) (AMAZON-02)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.117.207.223 18.117.207.223	16509 (AMAZON-02) (AMAZON-02)
32	9

18 78.159.108.169 (Berlin, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)

www.malwareurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:3b8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.174.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-87.cdg50.r.cloudfront.net

app.purechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.12.27.175 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-27-175.us-east-2.compute.amazonaws.com

widgetapi.purechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.purechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-119.muc50.r.cloudfront.net

api-cdn.purechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

prod.purechatcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.117.207.223 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-117-207-223.us-east-2.compute.amazonaws.com

api.purechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	malwareurl.com www.malwareurl.com	2 MB
6	purechat.com app.purechat.com — Cisco Umbrella Rank: 31260 widgetapi.purechat.com — Cisco Umbrella Rank: 31465 api-cdn.purechat.com — Cisco Umbrella Rank: 49275 api.purechat.com — Cisco Umbrella Rank: 58880	9 KB
3	gstatic.com fonts.gstatic.com	62 KB
3	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5168	13 KB
2	purechatcdn.com prod.purechatcdn.com — Cisco Umbrella Rank: 48825	311 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	958 B
32	6

	Domain	Requested by
18	www.malwareurl.com	www.malwareurl.com
3	fonts.gstatic.com	fonts.googleapis.com
3	challenges.cloudflare.com	1 redirects www.malwareurl.com challenges.cloudflare.com
2	api.purechat.com	prod.purechatcdn.com
2	prod.purechatcdn.com	app.purechat.com prod.purechatcdn.com
2	app.purechat.com	www.malwareurl.com app.purechat.com
1	api-cdn.purechat.com	app.purechat.com
1	widgetapi.purechat.com	app.purechat.com
1	fonts.googleapis.com	www.malwareurl.com
32	9

This site contains no links.

Subject Issuer	Validity	Valid
www.malwareurl.com RapidSSL TLS RSA CA G1	`2023-07-02` - `2024-07-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.purechat.com Amazon RSA 2048 M02	`2023-03-20` - `2024-04-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh
purechatcdn.com Cloudflare Inc ECC CA-3	`2023-03-15` - `2024-03-14`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.malwareurl.com/index.php
Frame ID: 40139CF8B7356E845D4295C00C2B3942
Requests: 28 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/694xp/0x4AAAAAAAMoBXwFSJnTj85U/auto/normal
Frame ID: 5D88FC62A382E7EFA98EBED5C2670CEC
Requests: 1 HTTP requests in this frame

Frame: https://prod.purechatcdn.com/assets/modern_app.13851.js
Frame ID: 4D46C2BBEA214EE9203988655A367480
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Commercial malicious website blacklist services from MalwareURL.com

Page URL History Show full URLs

https://www.malwareurl.com/listing.php?domain=omnitruck.chef.io Page URL
https://www.malwareurl.com/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

32
Requests

97 %
HTTPS

44 %
IPv6

6
Domains

9
Subdomains

9
IPs

2
Countries

2903 kB
Transfer

4015 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.malwareurl.com/listing.php?domain=omnitruck.chef.io Page URL
https://www.malwareurl.com/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/ea25f566/api.js

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 listing.php
www.malwareurl.com/ 83 B
246 B 1306ms
60ms Document
text/html 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwareurl.com/listing.php?domain=omnitruck.chef.io

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 83
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 17:38:23 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-frame-options: DENY

GET
H2 200 Primary Request index.php Show response
www.malwareurl.com/ 25 KB
25 KB 27ms
27ms Document
text/html 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwareurl.com/index.php

Requested by

Host: www.malwareurl.com
URL: https://www.malwareurl.com/listing.php?domain=omnitruck.chef.io

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c57168eb38491cf9d3455150f9d2e9a863c64dc0acabc98d7352d3b2e0e1d47a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://www.malwareurl.com/listing.php?domain=omnitruck.chef.io
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 25723
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 17:38:23 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-frame-options: DENY

GET
H2 200 css
fonts.googleapis.com/ 3 KB
958 B 61ms
23ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700%7CSpace+Mono:400

Requested by

Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a91c3c1b1fb7eb1fb41c883b91864b94090f587a7d930b377f73e0f0c2b7e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 17:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 17:38:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 17:38:23 GMT

GET
H2 200 bootstrap.css
www.malwareurl.com/css/ 137 KB
138 KB 35ms
34ms Stylesheet
text/css 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwareurl.com/css/bootstrap.css
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 61cc966fb5d9d03c9956c68349670f9b1a5e75ffde899f32fa562d8e590b000d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Tue, 10 Apr 2018 16:12:18 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "01d85b2e6d0d31:0"
content-length: 140755
content-type: text/css

GET
H2 200 fonts.css
www.malwareurl.com/css/ 186 KB
186 KB 13ms
12ms Stylesheet
text/css 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwareurl.com/css/fonts.css
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 67fd93609fa275da155666e384f0672f6fa56ef65d182e8202e2a448637c12c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Tue, 20 Apr 2021 03:20:28 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "0667b1c9435d71:0"
content-length: 190315
content-type: text/css

GET
H2 200 style.css
www.malwareurl.com/css/ 412 KB
413 KB 51ms
51ms Stylesheet
text/css 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwareurl.com/css/style.css
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b9e3b51d8f2cfced375115b8822487c3fd77ddc9b1fa7ea4d6d46026f1bff32f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Mon, 04 Dec 2023 23:20:09 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "e550826c827da1:0"
content-length: 422262
content-type: text/css

GET
H2 200 cookieconsent.min.css
www.malwareurl.com/css/ 4 KB
4 KB 59ms
59ms Stylesheet
text/css 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwareurl.com/css/cookieconsent.min.css
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 135606845ce38f1456e06fb6090cb4ebd1bf45387d164991de1f2969f99c6593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Sat, 17 Apr 2021 00:28:06 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "02fee882033d71:0"
content-length: 4069
content-type: text/css

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/ea25f566/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js
https://challenges.cloudflare.com/turnstile/v0/g/ea25f566/api.js

37 KB
13 KB

77ms
73ms

Script
application/javascript

2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/ea25f566/api.js
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php
Protocol: H2
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18cbe0edc0b01c71a6c3ffe704550a8bb1cfe7e02839b7dbdc9c44288bf8b59c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 84e3ba627f3c5c7a-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 31 Jan 2024 17:38:23 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/g/ea25f566/api.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 84e3ba621ef15c7a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 malwareurllogo.png
www.malwareurl.com/images/ 141 KB
141 KB 31ms
30ms Image
image/png 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwareurl.com/images/malwareurllogo.png
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d1ca4dd6c4e3e8f588070f20f5d077cbcb560a00e9fc7e3f2ce8504eff9a8bd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Sun, 18 Apr 2021 11:09:12 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "0bcdd424334d71:0"
content-length: 144132
content-type: image/png

GET
H2 200 support.png
www.malwareurl.com/images/ 1 KB
1 KB 61ms
60ms Image
image/png 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwareurl.com/images/support.png
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a7750572c139e8368ea05a9424e219cd82289fad742e7b49e840c0d7b5b74ecc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Sun, 18 Apr 2021 18:51:44 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "0e058e08334d71:0"
content-length: 1316
content-type: image/png

GET
H2 200 support-grey.png
www.malwareurl.com/images/ 1 KB
1 KB 10ms
10ms Image
image/png 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwareurl.com/images/support-grey.png
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 69abeecf3be2332d8c0ec5eab0299221aac559e68e8eb94684f5c1b6f65aa0dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Sun, 18 Apr 2021 18:12:28 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "0cef647e34d71:0"
content-length: 1408
content-type: image/png

GET
H2 200 dom.js Show response
www.malwareurl.com/js/ 2 KB
2 KB 49ms
49ms Script
application/javascript 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwareurl.com/js/dom.js
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 409aff20de9ec3ebb06d670a2ab199d05b05be9218bfbfc78b68c54314eec506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Wed, 20 Dec 2023 07:13:15 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "b41afcff1333da1:0"
content-length: 2393
content-type: application/javascript

GET
H2 200 core.min.js Show response
www.malwareurl.com/js/ 568 KB
569 KB 26ms
25ms Script
application/javascript 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwareurl.com/js/core.min.js
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: fbba9944867829f78bbebc0a7468188f376565c4503f8ffb4a13fb16f7c79a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Mon, 15 Mar 2021 15:31:16 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "03ae3db019d71:0"
content-length: 581865
content-type: application/javascript

GET
H2 200 script.js Show response
www.malwareurl.com/js/ 60 KB
60 KB 46ms
46ms Script
application/javascript 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwareurl.com/js/script.js
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ea30ae663b52eb760602f09da5ca9933aeb6984948f60e99839d12e40b8e4790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Fri, 23 Apr 2021 23:00:30 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "07b0759438d71:0"
content-length: 61448
content-type: application/javascript

GET
H2 200 WidgetScript Show response
app.purechat.com/VisitorWidget/ 12 KB
4 KB 133ms
52ms Script
application/javascript 52.222.174.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.purechat.com/VisitorWidget/WidgetScript
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-87.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d70317ecfd90a7aa5d068e210de6940a0f1e473275526eae00400b9d141ff41e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 fbdf5158ae0cd2f5d84c84ce83cd7038.cloudfront.net (CloudFront)
date: Wed, 31 Jan 2024 14:58:02 GMT
last-modified: Tue, 02 Jan 2024 22:57:53 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P2
age: 9621
etag: W/"3cc943cf82fe16508ced6ee433e4845c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
x-amz-cf-id: vqszi9d2UyY9-Mu7hVvzgyR1BWAymt5KTezLSZE1Q-DUwX-i6VkT2A==

GET
H2 200 i7dPIFZifjKcF5UAWdDRYEF8RQ.woff2
fonts.gstatic.com/s/spacemono/v13/ 15 KB
16 KB 66ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spacemono/v13/i7dPIFZifjKcF5UAWdDRYEF8RQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CSpace+Mono:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336d60cbe13b695fb4c5e5482cdb71173ab3608ae52cba41e9bbaae6b69ecd9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malwareurl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:49:30 GMT
x-content-type-options: nosniff
age: 175733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15836
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 14:58:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 16:49:30 GMT

GET
H2 200 materialdesignicons-webfont.woff2
www.malwareurl.com/fonts/ 78 KB
78 KB 18ms
15ms Font
application/font-woff2 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwareurl.com/fonts/materialdesignicons-webfont.woff2?v=1.4.57
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 56ca131e02e335cbc5604cf53451ad97f160b33a46bba0b0b8f41578de9715c1

Request headers

Referer: https://www.malwareurl.com/css/fonts.css
Origin: https://www.malwareurl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Tue, 10 Apr 2018 16:12:18 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "01d85b2e6d0d31:0"
content-length: 79756
content-type: application/font-woff2

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 71ms
33ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CSpace+Mono:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malwareurl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:11:24 GMT
x-content-type-options: nosniff
age: 80819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:11:24 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 122ms
85ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CSpace+Mono:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malwareurl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:59:23 GMT
x-content-type-options: nosniff
age: 81540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:59:23 GMT

GET
H2 200 fontawesome-webfont.woff2
www.malwareurl.com/fonts/ 75 KB
75 KB 27ms
26ms Font
application/font-woff2 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwareurl.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.malwareurl.com/css/fonts.css
Origin: https://www.malwareurl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Tue, 10 Apr 2018 16:12:18 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "01d85b2e6d0d31:0"
content-length: 77160
content-type: application/font-woff2

GET
H2 200 fl-bigmug-line.woff
www.malwareurl.com/fonts/ 21 KB
21 KB 25ms
25ms Font
application/font-woff 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwareurl.com/fonts/fl-bigmug-line.woff
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 50d94f8262f73dbea0c4e89cc67bc8c432c9f8baba9d97e8f5cf47939acf0375

Request headers

Referer: https://www.malwareurl.com/css/fonts.css
Origin: https://www.malwareurl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Tue, 10 Apr 2018 16:12:18 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "01d85b2e6d0d31:0"
content-length: 21576
content-type: application/font-woff

GET
H2 200 slider-modern-slide-1-1920x660.jpg
www.malwareurl.com/images/ 189 KB
189 KB 33ms
30ms Image
image/jpeg 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwareurl.com/images/slider-modern-slide-1-1920x660.jpg
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7c52e1a0b675d7e37d300f7addc69eb1805709a1a891db73809286a4c03515ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Tue, 10 Apr 2018 16:12:18 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "01d85b2e6d0d31:0"
content-length: 193225
content-type: image/jpeg

GET
H2 200 slider-modern-slide-2-1920x660.jpg
www.malwareurl.com/images/ 166 KB
166 KB 46ms
43ms Image
image/jpeg 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwareurl.com/images/slider-modern-slide-2-1920x660.jpg
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7b1309ebf13f9293031db33937b42875c61cb91458703f6949af46d2f0524148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Tue, 10 Apr 2018 16:12:18 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "01d85b2e6d0d31:0"
content-length: 169805
content-type: image/jpeg

GET
H2 200 bg-image-2-1920x1121.jpg
www.malwareurl.com/images/ 437 KB
437 KB 41ms
41ms Image
image/jpeg 78.159.108.169
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwareurl.com/images/bg-image-2-1920x1121.jpg
Requested by: Host: www.malwareurl.com
URL: https://www.malwareurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.108.169 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ef70dbe7ab4c286a3bc0574506657ec7d6b9deaee4ab44413ee1ef331e2c6e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:23 GMT
last-modified: Tue, 10 Apr 2018 16:12:18 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "01d85b2e6d0d31:0"
content-length: 447270
content-type: image/jpeg

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/694xp/0x4AAAAAAAMoBXwFSJnTj85U/auto/ Frame 5D88 0
0 23ms
23ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/694xp/0x4AAAAAAAMoBXwFSJnTj85U/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Referer: https://www.malwareurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 84e3ba62fbea2bce-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 17:38:23 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H2 200 a66d9673-53f5-460b-833d-1348822371cb Show response
widgetapi.purechat.com/api/visitorwidget/widgetversions/ 405 B
718 B 554ms
112ms XHR
application/json 3.12.27.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetapi.purechat.com/api/visitorwidget/widgetversions/a66d9673-53f5-460b-833d-1348822371cb
Requested by: Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.27.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-27-175.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 045937092f7260dd767a1f7ee4f614f706ce7717ce049639645c60d567a44ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:24 GMT
server: Kestrel
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.malwareurl.com
access-control-expose-headers: X-Requires-Auth
cache-control: max-age=60
access-control-allow-credentials: true
content-length: 405

GET
H2 200 18 Show response
api-cdn.purechat.com/api/visitorwidget/widget/a66d9673-53f5-460b-833d-1348822371cb/ 9 KB
3 KB 115ms
17ms XHR
application/json 18.173.187.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-cdn.purechat.com/api/visitorwidget/widget/a66d9673-53f5-460b-833d-1348822371cb/18
Requested by: Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-119.muc50.r.cloudfront.net
Software: Kestrel /
Resource Hash: a750836e0f24084a2b379e1da41d13ea084221a5c522ef485626573df0296d61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 23:33:55 GMT
content-encoding: gzip
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: MUC50-P4
age: 4039469
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.malwareurl.com
access-control-expose-headers: X-Requires-Auth
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-id: Ncn8SoutnU48ukEO8R1sou2ZM6okwLCbqwPOIAWcCxcJ0aEJENssCw==

GET
H2 200 version Show response
app.purechat.com/ 234 B
613 B 19ms
18ms Script
application/javascript 52.222.174.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.purechat.com/version?_=_&callback=_WidgetJPCB_Version
Requested by: Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-87.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a600a75a8fd758854ea6877acfe52b061a8171df731e5822d2424d89cc53ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 31 Jan 2024 17:25:43 GMT
via: 1.1 fbdf5158ae0cd2f5d84c84ce83cd7038.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jan 2024 22:58:30 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P2
age: 762
etag: "bbe228fb576ddc68ae3e033297975a80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=900
content-length: 234
x-amz-cf-id: kYGOv0uyskQw34oP2RnRURJkGaUl9OAe0acei5wiC3r8k1KmRD9Q4g==

GET
H2 200 modern_initializer.13851.js Show response
prod.purechatcdn.com/assets/ 132 KB
26 KB 62ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.purechatcdn.com/assets/modern_initializer.13851.js
Requested by: Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be46e13b2a5048a76047e938a7978bdc5bbcbc116c5e47133d2c0bcc065a7cd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:24 GMT
x-amz-version-id: null
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA6-C1
age: 5572227
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 18:18:32 GMT
server: cloudflare
etag: W/"98f959e1bfe2e5619eff78f14f5dfaca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZV796OQTZauaX31U4D3IcuTwhvoVmz4Dn%2BfsxUnwC2YwG6ZTS4McVugTT1m0j68NUBrVGTWcGG0Hgti6QzLyKZcrHt%2F597A5sBECywW%2BAfvEu45c6BYyu0icFSJ5ASg%2FEG02lZHq5tN4ZzfVJiK4ohYpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84e3ba686f983807-FRA
x-amz-cf-id: 6NGcxCcRnrs8esGfqQlIcGtQUuWZK-xnBOGpXiXW6o4jnsc-Vdx76w==

GET
H2 200 modern_app.13851.js Show response
prod.purechatcdn.com/assets/ Frame 4D46 1 MB
285 KB 73ms
72ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.purechatcdn.com/assets/modern_app.13851.js
Requested by: Host: prod.purechatcdn.com
URL: https://prod.purechatcdn.com/assets/modern_initializer.13851.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e7aaa407d85296cb4c7d1caee5c05eb28716137145a3688635505465db8618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.malwareurl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:38:24 GMT
x-amz-version-id: null
via: 1.1 9929448596fb4faec2a082aabe759212.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P1
age: 5584923
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 18:18:30 GMT
server: cloudflare
etag: W/"8a044e92ca7ff52b1df0172b2bc54c40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziTcKwAUpmTZNz%2FgIQjCxCPFUvPM62D%2Btyh802aQwaWK9zSwsRcXOevW6Qz7Fm8MS6fkOCo0alF3kBx5DNtElCRNnjSxNlgw2WKbiWVNS7GUXfg8MNirIQasBRcABmGsK05gOUMQgygyQMihbvfD9oKhfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84e3ba68cff33807-FRA
x-amz-cf-id: e9mI1uGfII7ZIV9M4l-eXOYFbOT6_qpunZ3-KPTN0GAwUHJcers7qw==

GET
H2 200 a66d9673-53f5-460b-833d-1348822371cb Show response
api.purechat.com/api/visitorwidget/chatavailable/559705/ Frame 4D46 20 B
218 B 107ms
107ms Fetch
application/json 3.12.27.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purechat.com/api/visitorwidget/chatavailable/559705/a66d9673-53f5-460b-833d-1348822371cb?externalRequest=false&getAvailableOperators=true
Requested by: Host: prod.purechatcdn.com
URL: https://prod.purechatcdn.com/assets/modern_app.13851.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.27.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-27-175.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: a4d5c712c6ea170fe80e4e13806878ec5f04b70a9a6800d9a9e41a18ebdd7d87

Request headers

Accept: application/json
Referer: https://www.malwareurl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.malwareurl.com
date: Wed, 31 Jan 2024 17:38:25 GMT
access-control-expose-headers: X-Requires-Auth
access-control-allow-credentials: true
server: Kestrel
content-length: 20
content-type: application/json; charset=utf-8

OPTIONS
H2 204 a66d9673-53f5-460b-833d-1348822371cb
api.purechat.com/api/visitorwidget/chatavailable/559705/ Frame 0
0 330ms
110ms Preflight 18.117.207.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purechat.com/api/visitorwidget/chatavailable/559705/a66d9673-53f5-460b-833d-1348822371cb?externalRequest=false&getAvailableOperators=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.117.207.223 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-117-207-223.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.malwareurl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.malwareurl.com
date: Wed, 31 Jan 2024 17:38:25 GMT
server: Kestrel

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-cdn.purechat.com
api.purechat.com
app.purechat.com
challenges.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
prod.purechatcdn.com
widgetapi.purechat.com
www.malwareurl.com
18.117.207.223
18.173.187.119
2606:4700::6811:3b8
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200a
2a06:98c1:3121::3
3.12.27.175
52.222.174.87
78.159.108.169
045937092f7260dd767a1f7ee4f614f706ce7717ce049639645c60d567a44ab4
135606845ce38f1456e06fb6090cb4ebd1bf45387d164991de1f2969f99c6593
18cbe0edc0b01c71a6c3ffe704550a8bb1cfe7e02839b7dbdc9c44288bf8b59c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
336d60cbe13b695fb4c5e5482cdb71173ab3608ae52cba41e9bbaae6b69ecd9a
409aff20de9ec3ebb06d670a2ab199d05b05be9218bfbfc78b68c54314eec506
4a600a75a8fd758854ea6877acfe52b061a8171df731e5822d2424d89cc53ad8
50d94f8262f73dbea0c4e89cc67bc8c432c9f8baba9d97e8f5cf47939acf0375
56ca131e02e335cbc5604cf53451ad97f160b33a46bba0b0b8f41578de9715c1
61cc966fb5d9d03c9956c68349670f9b1a5e75ffde899f32fa562d8e590b000d
67fd93609fa275da155666e384f0672f6fa56ef65d182e8202e2a448637c12c0
69abeecf3be2332d8c0ec5eab0299221aac559e68e8eb94684f5c1b6f65aa0dc
7b1309ebf13f9293031db33937b42875c61cb91458703f6949af46d2f0524148
7c52e1a0b675d7e37d300f7addc69eb1805709a1a891db73809286a4c03515ee
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a4d5c712c6ea170fe80e4e13806878ec5f04b70a9a6800d9a9e41a18ebdd7d87
a750836e0f24084a2b379e1da41d13ea084221a5c522ef485626573df0296d61
a7750572c139e8368ea05a9424e219cd82289fad742e7b49e840c0d7b5b74ecc
a91c3c1b1fb7eb1fb41c883b91864b94090f587a7d930b377f73e0f0c2b7e40b
b9e3b51d8f2cfced375115b8822487c3fd77ddc9b1fa7ea4d6d46026f1bff32f
be46e13b2a5048a76047e938a7978bdc5bbcbc116c5e47133d2c0bcc065a7cd3
c2e7aaa407d85296cb4c7d1caee5c05eb28716137145a3688635505465db8618
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c57168eb38491cf9d3455150f9d2e9a863c64dc0acabc98d7352d3b2e0e1d47a
d1ca4dd6c4e3e8f588070f20f5d077cbcb560a00e9fc7e3f2ce8504eff9a8bd4
d70317ecfd90a7aa5d068e210de6940a0f1e473275526eae00400b9d141ff41e
ea30ae663b52eb760602f09da5ca9933aeb6984948f60e99839d12e40b8e4790
ef70dbe7ab4c286a3bc0574506657ec7d6b9deaee4ab44413ee1ef331e2c6e49
fbba9944867829f78bbebc0a7468188f376565c4503f8ffb4a13fb16f7c79a36

www.malwareurl.com Open in urlscan Pro 78.159.108.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

97 %HTTPS

44 %IPv6

6 Domains

9 Subdomains

9 IPs

2 Countries

2903 kBTransfer

4015 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.malwareurl.com Open in urlscan Pro
78.159.108.169 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

97 %
HTTPS

44 %
IPv6

6
Domains

9
Subdomains

9
IPs

2
Countries

2903 kB
Transfer

4015 kB
Size

0
Cookies

32 HTTP transactions
0 data transactions