urlscan.io logo urlscan.io
SecurityTrails logo

www.service.pendswift.com
146.19.230.115  Public Scan Open in urlscan Pro

Go To Rescan Add Verdict Report
URL: https://www.service.pendswift.com/ 7mo old
Submission: On October 27 via automatic, source urlhaus — Scanned from UK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 146.19.230.115, located in Coventry, United Kingdom and belongs to THE-HOSTING PQ HOSTING PLUS S.R.L., MD. The main domain is www.service.pendswift.com. 7mo old
TLS certificate: Issued by R12 on October 22nd 2025. Valid for: 3mo.
This is the only time www.service.pendswift.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete remittance.exe 23 MB
Size: 23 MB (24446944 bytes, 14% done)
Downloaded from: https://www.service.pendswift.com/downloads/remittance.exe

Domain & IP information

IP Address AS Autonomous System
3 146.19.230.115 44477 (THE-HOSTI...)
1 104.26.12.205 13335 (CLOUDFLAR...)
1 172.67.69.226 13335 (CLOUDFLAR...)
2 149.154.167.220 62041 (Telegram ...)
7 4
Apex Domain
Subdomains		 Transfer
3 pendswift.com
www.service.pendswift.com 7mo old
7 KB
2 telegram.org
api.telegram.org — Cisco Umbrella Rank: 26903 11yr old
1015 B
1 ipapi.co
ipapi.co — Cisco Umbrella Rank: 14274 10yr old
2 KB
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 1508 12yr old
158 B
7 4
Domain Requested by
3 www.service.pendswift.com www.service.pendswift.com
2 api.telegram.org www.service.pendswift.com
1 ipapi.co www.service.pendswift.com
1 api.ipify.org www.service.pendswift.com
7 4

This site contains no links.

Subject Issuer Validity Valid
service.pendswift.com
R12		 2025-10-22 -
2026-01-20		 3mo crt.sh
ipify.org
WE1		 2025-09-05 -
2025-12-04		 3mo crt.sh
ipapi.co
WE1		 2025-10-21 -
2026-01-19		 3mo crt.sh
api.telegram.org
Go Daddy Secure Certificate Authority - G2		 2025-03-25 -
2026-04-26		 1yr crt.sh

This page contains 1 frames:

Primary Page: https://www.service.pendswift.com/
Frame ID: 59AADCEEC1B356615DEE77C9C151BA96
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Download

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

10 kB
Transfer

20 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.service.pendswift.com/ 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.service.pendswift.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.19.230.115 Coventry, United Kingdom, ASN44477 (THE-HOSTING PQ HOSTING PLUS S.R.L., MD),
Reverse DNS
purpleswag.io
Software
nginx /
Resource Hash
74c501c2cad93d158cf424310741a18271781086bc9ee99e91385f6aabb6b1da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
4056
content-type
text/html; charset=utf-8
date
Mon, 27 Oct 2025 19:00:49 GMT
etag
"3310-641c145a26aea-gzip"
last-modified
Wed, 22 Oct 2025 15:50:13 GMT
server
nginx
vary
Accept-Encoding
ipcheck.js
www.service.pendswift.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.service.pendswift.com/ipcheck.js
Requested by
Host: www.service.pendswift.com
URL: https://www.service.pendswift.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.19.230.115 Coventry, United Kingdom, ASN44477 (THE-HOSTING PQ HOSTING PLUS S.R.L., MD),
Reverse DNS
purpleswag.io
Software
nginx /
Resource Hash
fb8bbce62ed3fa6edbcf19739abb1c848016e145c55cdc9a2666c7ed97a07720

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.service.pendswift.com/

Response headers

cache-control
max-age=315360000
content-encoding
gzip
etag
W/"68f8fd35-d2e"
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Mon, 27 Oct 2025 19:00:49 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 22 Oct 2025 15:50:13 GMT
server
nginx
vary
Accept-Encoding
/
api.ipify.org/ 		21 B
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: www.service.pendswift.com
URL: https://www.service.pendswift.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80203ff0f0152cd89f78c5ccf001ffbd7e7312264989b778b22a8990093b7896

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.service.pendswift.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
99547043eaea7796-LHR
access-control-allow-origin
*
date
Mon, 27 Oct 2025 19:00:49 GMT
content-type
application/json
vary
Origin
server
cloudflare
favicon.ico
www.service.pendswift.com/ 		3 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.service.pendswift.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.19.230.115 Coventry, United Kingdom, ASN44477 (THE-HOSTING PQ HOSTING PLUS S.R.L., MD),
Reverse DNS
purpleswag.io
Software
nginx /
Resource Hash
2e8deb28946a6b41ccb927eaa43bbaa78ea82cef39a40638f2e5afa8e90e73ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.service.pendswift.com/

Response headers

content-encoding
gzip
date
Mon, 27 Oct 2025 19:00:49 GMT
etag
W/"b52-641c128a1d86e"
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Wed, 22 Oct 2025 15:42:06 GMT
/
ipapi.co/149.40.48.84/json/ 		757 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ipapi.co/149.40.48.84/json/
Requested by
Host: www.service.pendswift.com
URL: https://www.service.pendswift.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.69.226 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3447a91c3cc1c3ba6ad5d745e9e4d845a8eec8751a28cc884e1233b85e0bf937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.service.pendswift.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2MYLK4kSxGOKTwcA4aMbBjOPXxb9GE2Ldt7WMak2Mg%2BknPAh6B5Xw5bl4M5FJJp6HA70h8ksWz3FEAzCR0DNttciOWFXt54%3D"}]}
x-content-type-options
nosniff
date
Mon, 27 Oct 2025 19:00:50 GMT
content-type
application/json
vary
Host, origin
x-frame-options
DENY
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cross-origin-opener-policy
same-origin
referrer-policy
same-origin
allow
HEAD, OPTIONS, GET, OPTIONS, POST
cf-ray
995470450ea36525-LHR
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.stripe.com https://*.paddle.com https://www.google.com https://www.gstatic.com https://maps.gstatic.com https://maps.googleapis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://*.paddle.com https://fonts.gstatic.com https://fonts.googleapis.com; img-src 'self' data: https://ipapi.co https://maps.gstatic.com https://maps.googleapis.com https://*.stripe.com; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com; frame-src 'self' https://www.google.com https://*.stripe.com https://*.paddle.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; connect-src 'self' https://ipapi.co/ https://*.paddle.com https://*.stripe.com https://maps.googleapis.com https://www.google.com/recaptcha/; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self';
access-control-allow-origin
https://www.service.pendswift.com
server
cloudflare
sendMessage
api.telegram.org/bot8263481856:AAFm41-WJdpMV6Ir8ioDnX8Iegm1lbzJkoQ/ 		769 B
1015 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.telegram.org/bot8263481856:AAFm41-WJdpMV6Ir8ioDnX8Iegm1lbzJkoQ/sendMessage
Requested by
Host: www.service.pendswift.com
URL: https://www.service.pendswift.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.220 London, United Kingdom, ASN62041 (Telegram Telegram Messenger Inc, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2e97537d148f4f2e89a86fd8a88e4d6ded99c19d56fbd5cd82f31a1b6c8e5c79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.service.pendswift.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
Content-Length,Content-Type,Date,Server,Connection
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-length
769
date
Mon, 27 Oct 2025 19:00:50 GMT
content-type
application/json
server
nginx/1.18.0
sendMessage
api.telegram.org/bot8263481856:AAFm41-WJdpMV6Ir8ioDnX8Iegm1lbzJkoQ/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.telegram.org/bot8263481856:AAFm41-WJdpMV6Ir8ioDnX8Iegm1lbzJkoQ/sendMessage
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.220 London, United Kingdom, ASN62041 (Telegram Telegram Messenger Inc, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.service.pendswift.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,Date,Server,Connection
access-control-max-age
86400
date
Mon, 27 Oct 2025 19:00:50 GMT
server
nginx/1.18.0

Verdicts & Comments Add Verdict or Comment

9 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

function| ga function| gtag function| fbq object| _gaq function| getLocationInfo function| getDeviceType function| getBrowserInfo function| sendToTelegram function| logVisit

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://www.service.pendswift.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()