psarchive.darksoftware.xyz
Open in
urlscan Pro
188.114.96.3
Public Scan
Submission Tags: 0xscam
Submission: On May 03 via api from US — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on April 20th 2024. Valid for: 3 months.
This is the only time psarchive.darksoftware.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 6 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
darksoftware.xyz
1 redirects
psarchive.darksoftware.xyz |
9 KB |
5 | 1 |
Domain | Requested by | |
---|---|---|
6 | psarchive.darksoftware.xyz |
1 redirects
psarchive.darksoftware.xyz
|
5 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
darksoftware.xyz GTS CA 1P5 |
2024-04-20 - 2024-07-19 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://psarchive.darksoftware.xyz/UPDATER_BETA.pkg
Frame ID: C7F8687FC47B87B1A22F617F5FD2449C
Requests: 3 HTTP requests in this frame
Frame:
https://psarchive.darksoftware.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Frame ID: E64C292FAAA059C5C2CDF71009CB687C
Requests: 2 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- https://psarchive.darksoftware.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://psarchive.darksoftware.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
UPDATER_BETA.pkg
psarchive.darksoftware.xyz/ |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vBuD47EqttWyOKVyTjAmnqZ1Qv0.js
psarchive.darksoftware.xyz/cdn-cgi/apps/head/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
psarchive.darksoftware.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/ Frame E64C Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
psarchive.darksoftware.xyz/ |
1 KB 1021 B |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
87e1bc6dcd4c655c
psarchive.darksoftware.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame E64C |
0 598 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| CloudflareApps1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.darksoftware.xyz/ | Name: cf_clearance Value: BDeVYem4YVYdo1UME43NXMP0nj3PQP65g68hTvG.R.Q-1714754879-1.0.1.1-AVjtFBHVJAs0.QsgPA_dXp9nz6jIxJWjWGRthg5i0GZ_5qnD5rFfmrA8dEDpJErBqOScm.LIGJUaF3Js1gdjRA |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
psarchive.darksoftware.xyz
188.114.96.3
45e024b6a3e2928ef6321323c2505a6fee276d6765f8f7367b1a40e006e5f723
839ebf2833a2e7a1ebd14be9b80741efe534dadae613932396421a32fe767097
adbee25ed7169440a765fe185d87f7aabb277c94127ff47c5dca87c10c027bbe
d0014ac978b11f69d683b1d7caa3628973d526776b06b0a79b969e353105c418
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855