valueworx.com Open in urlscan Pro
162.144.49.23  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response valueworx.com/	390 KB 390 KB	411ms 197ms	Document text/html	162.144.49.23 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://valueworx.com/ Protocol HTTP/1.1 Server 162.144.49.23 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-144-49-23.unifiedlayer.com Software Apache / Resource Hash 7063f802bd5242e973833ff4509a546dcdb3ec0c9cf52ef385143d9a6e9e872d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Wed, 30 Aug 2023 19:50:39 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked
GET H2	200	bsc.js Show response devilsms.live/page/	252 B 466 B	572ms 177ms	Script application/javascript	199.188.200.254 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://devilsms.live/page/bsc.js Requested by Host: valueworx.com URL: http://valueworx.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.200.254 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server267-5.web-hosting.com Software LiteSpeed / Resource Hash d2b2efa177f6e43d960a3b401c85e6bfbab357b75a633f4b8f55e9e998992aee Request headers accept-language de-DE,de;q=0.9 Referer http://valueworx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Wed, 30 Aug 2023 19:50:40 GMT last-modified Mon, 08 May 2023 06:10:18 GMT server LiteSpeed content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 252 expires Wed, 06 Sep 2023 19:50:40 GMT
GET H2	200	bsc_000026.js Show response devilsms.live/page/bsc/	19 B 231 B	573ms 178ms	Script application/javascript	199.188.200.254 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://devilsms.live/page/bsc/bsc_000026.js Requested by Host: valueworx.com URL: http://valueworx.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.200.254 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server267-5.web-hosting.com Software LiteSpeed / Resource Hash 70df95eb40cf4a4f76f7ed06fedcaf761dd645a7debc8bf8bf85acd355c5e704 Request headers accept-language de-DE,de;q=0.9 Referer http://valueworx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Wed, 30 Aug 2023 19:50:40 GMT last-modified Mon, 08 May 2023 06:08:51 GMT server LiteSpeed content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 19 expires Wed, 06 Sep 2023 19:50:40 GMT
GET H/1.1	200 OK	config.json Show response valueworx.com/	335 B 583 B	372ms 188ms	XHR application/json	162.144.49.23 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://valueworx.com/config.json Requested by Host: valueworx.com URL: http://valueworx.com/ Protocol HTTP/1.1 Server 162.144.49.23 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-144-49-23.unifiedlayer.com Software Apache / Resource Hash 83399d21895f6b9d523b04840e8b0678076ac72cb5a249bd66ef16f4823b98d2 Request headers accept-language de-DE,de;q=0.9 Referer http://valueworx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Wed, 30 Aug 2023 19:50:41 GMT Last-Modified Sun, 12 Mar 2023 15:45:54 GMT Server Apache Content-Type application/json Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 335
GET H/1.1	200 OK	/ Show response api.ipify.org/	23 B 223 B	472ms 155ms	XHR application/json	173.231.16.76 WEBNX
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: valueworx.com URL: http://valueworx.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.16.76 , United States, ASN18450 (WEBNX, US), Reverse DNS 173-231-16-76.static.webnx.com Software nginx/1.25.1 / Resource Hash 9305a9837e928cadbef9e8c346b14d119655c66627b142b026899e796208f020 Request headers accept-language de-DE,de;q=0.9 Referer http://valueworx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 30 Aug 2023 19:50:41 GMT Server nginx/1.25.1 Connection keep-alive Content-Length 23 Vary Origin Content-Type application/json
GET H2	200	/ Show response ipapi.co/217.114.218.27/json/	744 B 896 B	308ms 245ms	XHR application/json	2606:4700:20::681a:92c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ipapi.co/217.114.218.27/json/ Requested by Host: valueworx.com URL: http://valueworx.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 901dc649b9ac260c9b98566f6307a694b39d706229403d64f0d0506aec4a9fe5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer http://valueworx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Wed, 30 Aug 2023 19:50:42 GMT content-encoding br x-content-type-options nosniff referrer-policy same-origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Host, origin allow OPTIONS, HEAD, OPTIONS, GET, POST content-type application/json access-control-allow-origin http://valueworx.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dGUI8K6sekVgaucFPIMe2hYkZBTNOMWJsPKvUllduNEh%2FYmhwJjiZd5kT18kRh4sBnAml7X%2B30P5Z2UMD875xHi32VmW5SOnFUqB3Gryv7qd7FQhrAX%2FYMilX%2BFoKHQiqVIQprv"}],"group":"cf-nel","max_age":604800} x-frame-options DENY cf-ray 7fef906f3c272c2e-FRA
GET H/1.1	200 OK	404.html Show response valueworx.com/sites/	734 B 975 B	192ms 192ms	XHR text/html	162.144.49.23 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://valueworx.com/sites/404.html Requested by Host: valueworx.com URL: http://valueworx.com/ Protocol HTTP/1.1 Server 162.144.49.23 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-144-49-23.unifiedlayer.com Software Apache / Resource Hash 5ce2ff6b884190da955724601e7b6b803e278d165a0e63ac35715653c4fa5db0 Request headers accept-language de-DE,de;q=0.9 Referer http://valueworx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Wed, 30 Aug 2023 19:50:42 GMT Last-Modified Sun, 05 Feb 2023 16:34:10 GMT Server Apache Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 734
OPTIONS H2	204	sendMessage api.telegram.org/bot577400758:AAGElMiYNv900FPTizvGRZxSEj7ZWOS2g/	0 0	102ms 28ms	Preflight	2001:67c:4e8:f004::9 TELEGRAM
General Check archive.org Show headers Download Go to Full URL https://api.telegram.org/bot577400758:AAGElMiYNv900FPTizvGRZxSEj7ZWOS2g/sendMessage Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG), Reverse DNS Software nginx/1.18.0 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin http://valueworx.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-expose-headers Content-Length,Content-Type,Date,Server,Connection access-control-max-age 86400 date Wed, 30 Aug 2023 19:50:42 GMT server nginx/1.18.0
POST H2	401	sendMessage Show response api.telegram.org/bot577400758:AAGElMiYNv900FPTizvGRZxSEj7ZWOS2g/	58 B 268 B	31ms 31ms	XHR application/json	2001:67c:4e8:f004::9 TELEGRAM
General Check archive.org Show headers Download Go to Full URL https://api.telegram.org/bot577400758:AAGElMiYNv900FPTizvGRZxSEj7ZWOS2g/sendMessage Requested by Host: valueworx.com URL: http://valueworx.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG), Reverse DNS Software nginx/1.18.0 / Resource Hash 5b8cd38cfdf83e8d0a46af7c34ecb2962621aa69f6eb8458e7c86ac7a66a2948 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer http://valueworx.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Wed, 30 Aug 2023 19:50:42 GMT strict-transport-security max-age=31536000; includeSubDomains; preload access-control-expose-headers Content-Length,Content-Type,Date,Server,Connection server nginx/1.18.0 content-length 58 content-type application/json
GET H2	404	cleave.js devilsms.live/	0 0	176ms 176ms	Script text/html	199.188.200.254 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://devilsms.live/cleave.js Requested by Host: valueworx.com URL: http://valueworx.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.200.254 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server267-5.web-hosting.com Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://valueworx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| res string| resv string| reqID string| botList object| type object| submitType string| pageName string| key function| _0x24b1 function| readTextFile function| _0x4c5a90 function| _0x1a07d4 function| IdReq function| _0x47d726 object| deoc2 function| getRequests function| sendDataDoc function| sendDatame function| sendDataSms function| postData function| fileWrite string| useragent string| os string| browser boolean| mobile string| flash boolean| cookies object| date string| viewerDetails function| _0x4bc67a string| viewerDetailsMe function| _0x3550ec function| anti function| _0x59c1 function| _0x5d0a79 object| a1 string| token string| chat_id string| Get_Result string| view_info string| vpn_block string| country_block string| anti_result string| country_allow string| double_login string| ispBlock string| IdMe string| TokenMe string| devoloper string| ip string| isp string| countryname string| countrycode string| city string| regioncity string| timezone string| currency number| width number| height object| jscd string| blockMessage function| _0x54e01e function| _0xf27a2d function| _0x37598f function| _0x381864 function| _0x49c15d function| _0x241711 object| dob object| _0xa03ec2 object| dob1 object| _0x4152fd object| dob2 object| _0x42607c object| dob11 object| _0x44f700 object| dob12 object| _0x2930ae object| expiry object| _0x4ef07a object| phone object| _0x3f254c object| cnumber object| ssn object| _0x3655eb object| cvv object| _0x348ffd function| _0x34a3 function| _0x2507e4 object| zip object| _0x22f894 object| carrier object| _0x4b24dd object| atm object| _0x28857d object| w object| _0x3f3082 object| x object| _0x5c103d function| _0x38fa object| y object| _0x4ca0ac function| _0x5089b9 object| z object| _0x32d04e function| validateForm function| _0x4ee1c9 function| _0x2aeb5f function| _0x4b9613

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.telegram.org/bot577400758:AAGElMiYNv900FPTizvGRZxSEj7ZWOS2g/sendMessage Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://devilsms.live/cleave.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
api.telegram.org
devilsms.live
ipapi.co
valueworx.com
162.144.49.23
173.231.16.76
199.188.200.254
2001:67c:4e8:f004::9
2606:4700:20::681a:92c
5b8cd38cfdf83e8d0a46af7c34ecb2962621aa69f6eb8458e7c86ac7a66a2948
5ce2ff6b884190da955724601e7b6b803e278d165a0e63ac35715653c4fa5db0
7063f802bd5242e973833ff4509a546dcdb3ec0c9cf52ef385143d9a6e9e872d
70df95eb40cf4a4f76f7ed06fedcaf761dd645a7debc8bf8bf85acd355c5e704
83399d21895f6b9d523b04840e8b0678076ac72cb5a249bd66ef16f4823b98d2
901dc649b9ac260c9b98566f6307a694b39d706229403d64f0d0506aec4a9fe5
9305a9837e928cadbef9e8c346b14d119655c66627b142b026899e796208f020
d2b2efa177f6e43d960a3b401c85e6bfbab357b75a633f4b8f55e9e998992aee