psarchive.darksoftware.xyz

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is psarchive.darksoftware.xyz.
TLS certificate: Issued by GTS CA 1P5 on April 20th 2024. Valid for: 3 months.

This is the only time psarchive.darksoftware.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 6	188.114.96.3 188.114.96.3		13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	1

6 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

psarchive.darksoftware.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	darksoftware.xyz 1 redirects psarchive.darksoftware.xyz	9 KB
5	1

	Domain	Requested by
6	psarchive.darksoftware.xyz	1 redirects psarchive.darksoftware.xyz
5	1

This site contains no links.

Subject Issuer	Validity	Valid
darksoftware.xyz GTS CA 1P5	`2024-04-20` - `2024-07-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://psarchive.darksoftware.xyz/UPDATER_BETA.pkg
Frame ID: C7F8687FC47B87B1A22F617F5FD2449C
Requests: 3 HTTP requests in this frame

Frame: https://psarchive.darksoftware.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Frame ID: E64C292FAAA059C5C2CDF71009CB687C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 Not Found

Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

9 kB
Transfer

14 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://psarchive.darksoftware.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://psarchive.darksoftware.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 404 Primary Request UPDATER_BETA.pkg Show response
psarchive.darksoftware.xyz/ 1 KB
1 KB 136ms
98ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psarchive.darksoftware.xyz/UPDATER_BETA.pkg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 839ebf2833a2e7a1ebd14be9b80741efe534dadae613932396421a32fe767097

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87e1bc6dcd4c655c-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 03 May 2024 16:47:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oaJ034FnPWxrAliYoS8%2BBeLn06jjE%2BHRm9h2eHuLdlIPVpjjc94g3qZYKzZ1dcrje%2FDxavspAHZjCSJg47AGJseMeihAHAQWrSf2%2B73RinWR7I3P6if%2FmEwPmaJIGoqJmX6b7b0P5Gx6BKt4yw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 vBuD47EqttWyOKVyTjAmnqZ1Qv0.js Show response
psarchive.darksoftware.xyz/cdn-cgi/apps/head/ 4 KB
2 KB 27ms
26ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psarchive.darksoftware.xyz/cdn-cgi/apps/head/vBuD47EqttWyOKVyTjAmnqZ1Qv0.js
Requested by: Host: psarchive.darksoftware.xyz
URL: https://psarchive.darksoftware.xyz/UPDATER_BETA.pkg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45e024b6a3e2928ef6321323c2505a6fee276d6765f8f7367b1a40e006e5f723

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://psarchive.darksoftware.xyz/UPDATER_BETA.pkg
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 16:47:59 GMT
x-amz-version-id: S0PxHx.IUrt5U3DUpeNvONfG1Y51haEn
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8MAXSE9C0DX9MX32
age: 68745
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0iAqaM7ftKLEBPtJE4zP6e2NR/lYh2sR/fQNsh9RzQaUvBymQhSzfsudu0+oNH48WvUJYYCutFY=
last-modified: Sat, 13 Apr 2024 20:29:03 GMT
server: cloudflare
etag: W/"711fb36f8c056b799825dc37e355b703"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hvh%2BlUnlx1XttT%2FTelE9kJojzzQ56PAvxRF9OzAvcO7ucpecNdPEK8fnkfTbNTKMeqsFyq9PgxE2gZzPOVn%2BMos5fr677gcTxlIrOeF9pJPtYfeboEQsmNoOol9oB35YCyTZA0rqyS3ngB%2B40A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 87e1bc6e6e1a655c-AMS

GET
H3

200

main.js Show response
psarchive.darksoftware.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/ Frame E64C
Redirect Chain

https://psarchive.darksoftware.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://psarchive.darksoftware.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

8 KB
4 KB

24ms
24ms

Script
application/javascript

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psarchive.darksoftware.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

Protocol

H3

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0014ac978b11f69d683b1d7caa3628973d526776b06b0a79b969e353105c418

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 03 May 2024 16:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wc6ddzdTBVl6NmF0%2BUPSoB6xgLcqFmF%2BPADqdDxnDccm2A3nkizDMmMxxVIhq4BO0K%2BBF7YnQli34OjEVLt%2B7xHT4mZcMTAq3GMVhOuTCOfSxtdVW%2FrLUU2rCtLl%2BArvxatyygynhry6PjzuRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 87e1bc6eeea3655c-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 03 May 2024 16:47:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=De2vx%2BIQY9OcfuSqrB9UlHEj1SLNHUCn4Jg9%2F8W6cwR3mciiHrkIKabTpbnaOP7S99m%2FtpLucucuiv5ZDXP9fbUJji94ExbIlZunK%2FW6o8sl8foZeWZo2rgZYYkceYvsb1l8%2FXqrRzIEZv7QTA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
cache-control: max-age=300, public
cf-ray: 87e1bc6eae63655c-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 favicon.ico
psarchive.darksoftware.xyz/ 1 KB
1021 B 86ms
85ms Other
image/vnd.microsoft.icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psarchive.darksoftware.xyz/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adbee25ed7169440a765fe185d87f7aabb277c94127ff47c5dca87c10c027bbe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://psarchive.darksoftware.xyz/UPDATER_BETA.pkg
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 16:47:59 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 30 May 2022 13:41:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6294c9a6-47e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5q063ENkvELFsaYhv5nM9LdarYCrcy4Z81sTgyUS4fnK5DqXgMFPyY51LahedgzAz1jNqEUILIYM3siFWv4%2BRuFfwN3hPZSCPwyQAn6vj%2BQs2zKRInxt2PpPdO1OTUCflucnqOJr%2FzoIHTLDOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: max-age=14400
cf-ray: 87e1bc6ebe68655c-AMS
alt-svc: h3=":443"; ma=86400

POST
H3 200 87e1bc6dcd4c655c Show response
psarchive.darksoftware.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame E64C 0
598 B 42ms
41ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psarchive.darksoftware.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/87e1bc6dcd4c655c
Requested by: Host: psarchive.darksoftware.xyz
URL: https://psarchive.darksoftware.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 May 2024 16:47:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h6UVAoF62s37lSzO3IQUkD%2BqJwzJTGLTAT%2F3zpL5ZrCwupo5Iclo0I2MvN7y288seYjQZYYBdhofqx8epNngOOgp28XRDpJ65hjqGqTEcOssULJiNWsJcdS7HImKjMKJws1Dis2iTN1QjfkWvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 87e1bc6f7f6d655c-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| CloudflareApps

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.darksoftware.xyz/	1970-01-21 05:04:50	Name: cf_clearance Value: BDeVYem4YVYdo1UME43NXMP0nj3PQP65g68hTvG.R.Q-1714754879-1.0.1.1-AVjtFBHVJAs0.QsgPA_dXp9nz6jIxJWjWGRthg5i0GZ_5qnD5rFfmrA8dEDpJErBqOScm.LIGJUaF3Js1gdjRA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://psarchive.darksoftware.xyz/UPDATER_BETA.pkg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

psarchive.darksoftware.xyz
188.114.96.3
45e024b6a3e2928ef6321323c2505a6fee276d6765f8f7367b1a40e006e5f723
839ebf2833a2e7a1ebd14be9b80741efe534dadae613932396421a32fe767097
adbee25ed7169440a765fe185d87f7aabb277c94127ff47c5dca87c10c027bbe
d0014ac978b11f69d683b1d7caa3628973d526776b06b0a79b969e353105c418
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

psarchive.darksoftware.xyz Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

80 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

9 kBTransfer

14 kBSize

1 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

psarchive.darksoftware.xyz Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

80 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

9 kB
Transfer

14 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions