wipet.malwarewatch.org Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wipet.malwarewatch.org/
Effective URL:
https://wipet.malwarewatch.org/
Submission: On July 10 via api (July 10th 2024, 3:06:33 pm UTC) from US — Scanned from NL

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is wipet.malwarewatch.org.
TLS certificate: Issued by WE1 on July 2nd 2024. Valid for: 3 months.

This is the only time wipet.malwarewatch.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	188.114.96.3 188.114.96.3		13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	1

10 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

wipet.malwarewatch.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	malwarewatch.org wipet.malwarewatch.org	1 MB
10	1

	Domain	Requested by
10	wipet.malwarewatch.org	wipet.malwarewatch.org
10	1

This site contains no links.

Subject Issuer	Validity	Valid
malwarewatch.org WE1	`2024-07-02` - `2024-09-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://wipet.malwarewatch.org/
Frame ID: 3B58F1EBE2666A1051013D246391AF9D
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AMOGUS

Page URL History Show full URLs

http://wipet.malwarewatch.org/ HTTP 307
https://wipet.malwarewatch.org/ Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1499 kB
Transfer

1725 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wipet.malwarewatch.org/ HTTP 307
https://wipet.malwarewatch.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response wipet.malwarewatch.org/ Redirect Chain http://wipet.malwarewatch.org/ https://wipet.malwarewatch.org/	3 KB 1 KB	163ms 105ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wipet.malwarewatch.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0143c15a5f86b042d0be22c01f077ba44fc55de6e60571b4b6cddb36b1dcb60b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8a11753d5a6e2be8-FRA content-encoding br content-type text/html; charset=utf-8 date Wed, 10 Jul 2024 15:06:29 GMT last-modified Sun, 28 Feb 2021 23:30:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2B5DZVQdjYwvye86l7d4YleFxSxCx23uzQRm59CC6lSJwVXjDXVkdiqpYL%2BS4pnmjpwWOVRkD8vLCejuAEeN1Y%2BKoTaZmdqwvj5z%2F8jPlZpwYDK9OCbhwwzcjC6BYn3vTH7P9n8DHFwY"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers Location https://wipet.malwarewatch.org/ Non-Authoritative-Reason HttpsUpgrades
GET H3	200	AMOGUS.css wipet.malwarewatch.org/	2 KB 998 B	110ms 109ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wipet.malwarewatch.org/AMOGUS.css Requested by Host: wipet.malwarewatch.org URL: https://wipet.malwarewatch.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8e35dcb1179f955ddda9393c21dae23fb0972e3f6401860131f0ea2530eca4b7` Request headers Referer https://wipet.malwarewatch.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 15:06:29 GMT content-encoding br cf-cache-status MISS last-modified Sun, 28 Feb 2021 22:18:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"603c16d2-607" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=euoIN2h4MgR1Q1Wcv6rzfdlSTjwSqnw4CXDhyAQ9prNaugQy8ESqGNQsmOheWmBIg6WxpVVgLGZrsSb0mpYyeVYo6QKEPQevES%2B9LuOI0xIyGP4E9BO4cb%2FOl9JN3pUy2%2FhjXZ%2FAUFRk"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control max-age=14400 cf-ray 8a11753e1b112be8-FRA alt-svc h3=":443"; ma=86400
GET H3	200	AMOGUS.js Show response wipet.malwarewatch.org/	6 KB 2 KB	109ms 109ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wipet.malwarewatch.org/AMOGUS.js Requested by Host: wipet.malwarewatch.org URL: https://wipet.malwarewatch.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `36bc0a70936e7fe9750e50867626ac979bf744b025e2dce54c4414af654ccfdb` Request headers Referer https://wipet.malwarewatch.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 15:06:29 GMT content-encoding br cf-cache-status MISS last-modified Sun, 28 Feb 2021 23:32:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"603c280b-18b7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NsnU9g3JSbdtpz%2F8Ybay2Se8DTxZn7y%2BoePMPKRU6LJUBCG2vZ3qgqE2JJzPij980hfSai9tIYSR8lTo6GuDEhjU6PnuHBYcVXnShxub7%2B%2BSjd8CC3k4ZLZEm6G1FFaVUzGhh5awL5mP"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 8a11753e1b142be8-FRA alt-svc h3=":443"; ma=86400
GET H3	200	ZALGO.js Show response wipet.malwarewatch.org/	4 KB 1 KB	101ms 100ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wipet.malwarewatch.org/ZALGO.js Requested by Host: wipet.malwarewatch.org URL: https://wipet.malwarewatch.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `01fdc1b0cfa0918ea46aede6d41f2bec7ac38cb437cdd6b5bb813e35ff45de5d` Request headers Referer https://wipet.malwarewatch.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 15:06:29 GMT content-encoding br cf-cache-status MISS last-modified Sun, 28 Feb 2021 21:46:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"603c0f4d-10ea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jrz%2FSskrAe5xMKZzVnVyKnp44HyYDSZZkAbzPygCPz%2FFzFf%2BLRetZGM8pnECveDtSG3XAF3pSIYOmPbKow%2Bcc1WH%2BXQO09L7vBcycPORdsdO3mzWztRkB7amaBXEW5M7wgfdaAwGCM%2Fc"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 8a11753e1b152be8-FRA alt-svc h3=":443"; ma=86400
GET H3	200	SUS.png wipet.malwarewatch.org/	1 MB 1 MB	142ms 142ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wipet.malwarewatch.org/SUS.png Requested by Host: wipet.malwarewatch.org URL: https://wipet.malwarewatch.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `913b6184c24f815b2e9f5c4aed93303eadd9f8b7e88351e1e094c535a76d95b9` Request headers Referer https://wipet.malwarewatch.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 15:06:29 GMT cf-cache-status MISS last-modified Sun, 28 Feb 2021 13:31:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "603b9b2a-154560" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=05hU1oXDu0kHj8oj9SOCUY0%2FFYKOzewcdV%2Bzdf4vKU4tNxELXhArqgFEAKmrZKAswFA6xvVX5Z4PbJDM2lzIC839bOgwx6wgZ3nKqMFJBS3h2t%2FiX9oZLqKwl6GFHDsS%2F8CpKSR27OHP"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8a11753e1b172be8-FRA alt-svc h3=":443"; ma=86400 content-length 1394016
GET H3	200	SUS1.jpg wipet.malwarewatch.org/	71 KB 71 KB	437ms 437ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wipet.malwarewatch.org/SUS1.jpg Requested by Host: wipet.malwarewatch.org URL: https://wipet.malwarewatch.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f179750779f118191f1c3aad1cc6fa68a2930fe3a57b8dd71680b2b6a144daeb` Request headers Referer https://wipet.malwarewatch.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 15:06:29 GMT cf-cache-status MISS last-modified Sun, 28 Feb 2021 22:22:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "603c17c3-11af1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cEALSQ3rvjuV5eftYR8GijYolDJjozH%2FBLJZ0Ab631wUhn%2Bn%2FaO6QnSv4Q%2FXDmAmhHxt6DTnR%2Fe6DWn%2BsHETjcSRT1h%2FlD365X2LP42%2BAH2in%2BSF4Zpl9C1iektDBAL47JvYB1IXT3py"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8a11753ecbd52be8-FRA alt-svc h3=":443"; ma=86400 content-length 72433
GET H3	200	AMOGUS.cur wipet.malwarewatch.org/	4 KB 5 KB	452ms 451ms	Image application/octet-stream	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wipet.malwarewatch.org/AMOGUS.cur Requested by Host: wipet.malwarewatch.org URL: https://wipet.malwarewatch.org/AMOGUS.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7325db9fbb8de58453d16d3fb57a6afa4428569ac054ce2dbe47bc636a627c27` Request headers Referer https://wipet.malwarewatch.org/AMOGUS.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 15:06:29 GMT cf-cache-status DYNAMIC last-modified Sun, 28 Feb 2021 22:17:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "603c1681-10be" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pkNtNuukTmX1iLqF1iyTE5vL7pdvJK3XAvQVQwQg5lKIeH6m31gMJo21%2B0%2Bs0V6k5w%2F%2FFzayElc%2Fr7gmA5PseAGtl9CFSTSEnKVc%2F6Rh%2BNc31HdOkgpjT2cSmpqRsv0pFerOibuTTuS5"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream accept-ranges bytes cf-ray 8a11753ecbd72be8-FRA alt-svc h3=":443"; ma=86400 content-length 4286
GET H3	206	AMOGUS.mp4 wipet.malwarewatch.org/	191 KB 0	447ms 447ms	Media video/mp4	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wipet.malwarewatch.org/AMOGUS.mp4 Requested by Host: wipet.malwarewatch.org URL: https://wipet.malwarewatch.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://wipet.malwarewatch.org/ Accept-Encoding identity;q=1, ;q=0 User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Range bytes=0- Response headers date Wed, 10 Jul 2024 15:06:29 GMT cf-cache-status MISS last-modified Sun, 28 Feb 2021 16:09:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "603bc02b-2c09b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FkeNgNZWIabNJcgaKLquTp4QdizV53W%2BQjs958cHWAdC8ygNMDkREV3iVoib%2FmjUbSSj4bIB4zlWIFpAcWipqSwIshsO5NfKotrEq4KE3led2Ik3JE%2BI7VnDaeNu%2BMForQFVllXu3Oll"}],"group":"cf-nel","max_age":604800} content-type video/mp4 Content-Range bytes 0-2886071/2886072 cache-control max-age=14400 cf-ray 8a11753edbea2be8-FRA alt-svc h3=":443"; ma=86400 Content-Length 2886072
GET H3	200	favicon.ico wipet.malwarewatch.org/	2 KB 961 B	248ms 248ms	Other image/x-icon	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wipet.malwarewatch.org/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `568ac2f73335bd7d03afa4dccfa828a75d7ed282c6570ef049cd11d95f7f94f9` Request headers Referer https://wipet.malwarewatch.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 15:06:30 GMT content-encoding br cf-cache-status MISS last-modified Sun, 28 Feb 2021 11:49:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"603b8353-9f6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XOrHLjYlxrlTx96QtBIaPo6imXWzu2ylfDBiO7EKkI2I5VL62Mi9PE4bRzjiU17cyw3mZZ5ZjWH3%2FlSdsJkDg2PRg4z9Meq3hScnpcXbRZ51jaSRZzm8HtAvw5KFsfxtJUotVqKDQGKV"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 8a1175421fc22be8-FRA alt-svc h3=":443"; ma=86400
GET H3	200	AMOGUS.ttf wipet.malwarewatch.org/	81 KB 54 KB	143ms 142ms	Font application/font	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wipet.malwarewatch.org/AMOGUS.ttf Requested by Host: wipet.malwarewatch.org URL: https://wipet.malwarewatch.org/AMOGUS.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `580aeff9985d0bc41766647d371d97b35eb951b97c22bc00193291baf3071525` Request headers Referer https://wipet.malwarewatch.org/AMOGUS.css Origin https://wipet.malwarewatch.org User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 15:06:30 GMT content-encoding br cf-cache-status MISS last-modified Sun, 13 Sep 2015 00:10:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"55f4beee-145f4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zrxddVfRPwym69APBVDnIi1WQ1iyyftadxouf6Hfm2tndZRsECMCtAQsOuEUDNdPH%2BEBckZrxMHP6%2BRZ%2Fo6Hq6MznvmdT2mJ18d2UloeN188p1hhhdwYmzueuDK1pLS3XICWwjsaCJiR"}],"group":"cf-nel","max_age":604800} content-type application/font cache-control max-age=14400 cf-ray 8a1175455af52be8-FRA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

wipet.malwarewatch.org
188.114.96.3
0143c15a5f86b042d0be22c01f077ba44fc55de6e60571b4b6cddb36b1dcb60b
01fdc1b0cfa0918ea46aede6d41f2bec7ac38cb437cdd6b5bb813e35ff45de5d
36bc0a70936e7fe9750e50867626ac979bf744b025e2dce54c4414af654ccfdb
568ac2f73335bd7d03afa4dccfa828a75d7ed282c6570ef049cd11d95f7f94f9
580aeff9985d0bc41766647d371d97b35eb951b97c22bc00193291baf3071525
7325db9fbb8de58453d16d3fb57a6afa4428569ac054ce2dbe47bc636a627c27
8e35dcb1179f955ddda9393c21dae23fb0972e3f6401860131f0ea2530eca4b7
913b6184c24f815b2e9f5c4aed93303eadd9f8b7e88351e1e094c535a76d95b9
f179750779f118191f1c3aad1cc6fa68a2930fe3a57b8dd71680b2b6a144daeb

wipet.malwarewatch.org Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1499 kBTransfer

1725 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

0 Cookies

Indicators

wipet.malwarewatch.org Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1499 kB
Transfer

1725 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions