urlscan.io logo urlscan.io
SecurityTrails logo

puregreen24.com Open in urlscan Pro
160.153.42.194  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.linux.liyouradio.org/.well-d0nes/
Effective URL: https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kM...
Submission: On February 24 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 14 HTTP transactions. The main IP is 160.153.42.194, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is puregreen24.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 8th 2019. Valid for: 2 years.
This is the only time puregreen24.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telus (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 50.63.110.1 26496 (AS-26496-...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 7 160.153.42.194 26496 (AS-26496-...)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.111.9.35 33438 (HIGHWINDS2)
1 185.225.208.133 13213 (UK2NET-AS)
1 67.202.94.93 32748 (STEADFAST)
14 9
1    50.63.110.1 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: p3nlhg452c1452.shr.prod.phx3.secureserver.net
www.linux.liyouradio.org
2    2606:4700:3034::681f:58cc (United States)

ASN13335 (CLOUDFLARENET, US)
s.noreferral.net
7    160.153.42.194 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-160-153-42-194.ip.secureserver.net
puregreen24.com
2    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
1    185.225.208.133 (Germany)

ASN13213 (UK2NET-AS, GB)
waust.at
1    67.202.94.93 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us
whos.amung.us
Domain Requested by
7 puregreen24.com 2 redirects puregreen24.com
2 maxcdn.bootstrapcdn.com puregreen24.com
2 s.noreferral.net www.linux.liyouradio.org
puregreen24.com
1 whos.amung.us waust.at
1 waust.at puregreen24.com
1 use.fontawesome.com puregreen24.com
1 ajax.googleapis.com puregreen24.com
1 www.linux.liyouradio.org
14 8

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-30 -
2020-10-09		 8 months crt.sh
puregreen24.com
Go Daddy Secure Certificate Authority - G2		 2019-02-08 -
2021-02-08		 2 years crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
whos.amung.us
GeoTrust EV RSA CA 2018		 2018-03-09 -
2020-05-25		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
Frame ID: 42450D145050A01EEF7DAFC4A4C5A09C
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.linux.liyouradio.org/.well-d0nes/ Page URL
  2. https://puregreen24.com/.7j8k31c/?locale=CA&ID=2&ui-action=signIn&ui-id=XwVZWBGNvQwpuaolyKYTYmGMvaVe... HTTP 302
    https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f HTTP 301
    https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/ Page URL
  3. https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-ac... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

14
Requests

93 %
HTTPS

38 %
IPv6

8
Domains

8
Subdomains

9
IPs

3
Countries

359 kB
Transfer

928 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.linux.liyouradio.org/.well-d0nes/ Page URL
  2. https://puregreen24.com/.7j8k31c/?locale=CA&ID=2&ui-action=signIn&ui-id=XwVZWBGNvQwpuaolyKYTYmGMvaVeAbTYXpxtqEH HTTP 302
    https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f HTTP 301
    https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/ Page URL
  3. https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://puregreen24.com/.7j8k31c/?locale=CA&ID=2&ui-action=signIn&ui-id=XwVZWBGNvQwpuaolyKYTYmGMvaVeAbTYXpxtqEH HTTP 302
  • https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f HTTP 301
  • https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
www.linux.liyouradio.org/.well-d0nes/ 		543 B
750 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.linux.liyouradio.org/.well-d0nes/
Protocol
HTTP/1.1
Server
50.63.110.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
p3nlhg452c1452.shr.prod.phx3.secureserver.net
Software
Apache /
Resource Hash
d913e8a4c89fbd1daefb97a712feaa07489132112accaff00aa05df7b68a662e

Request headers

Host
www.linux.liyouradio.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:35:58 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=4gl37d9bji91bon9fkcsib64p0; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
319
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
anonymize.js
s.noreferral.net/oth/nre/script/ 		1 KB
889 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.noreferral.net/oth/nre/script/anonymize.js
Requested by
Host: www.linux.liyouradio.org
URL: http://www.linux.liyouradio.org/.well-d0nes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681f:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7553574effe076dc946606f19b22a543f75f3fbfa576ab2ab1ec435dbb06b45c

Request headers

Referer
http://www.linux.liyouradio.org/.well-d0nes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:35:59 GMT
content-encoding
br
cf-cache-status
HIT
age
135831
cf-polished
origSize=1800
status
200
last-modified
Fri, 15 Dec 2017 06:03:22 GMT
server
cloudflare
etag
W/"5a3365aa-708"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Mon, 24 Feb 2020 17:05:59 GMT
cache-control
public, max-age=1800
cf-ray
56a2db1a9d8c0eab-FRA
cf-bgj
minify
/
puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/
Redirect Chain
  • https://puregreen24.com/.7j8k31c/?locale=CA&ID=2&ui-action=signIn&ui-id=XwVZWBGNvQwpuaolyKYTYmGMvaVeAbTYXpxtqEH
  • https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f
  • https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/
517 B
460 B 		Document
General
Check archive.org
Download Go to
Full URL
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.42.194 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-42-194.ip.secureserver.net
Software
Apache / PHP/7.1.33
Resource Hash
5171f5fd0d5846c4e056e1cfa6016779ed5a2834da1d793b29e75e21753d54d2

Request headers

:method
GET
:authority
puregreen24.com
:scheme
https
:path
/.7j8k31c/77369e37b2aa1404f416275183ab055f/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://www.linux.liyouradio.org/.well-d0nes/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
http://www.linux.liyouradio.org/.well-d0nes/

Response headers

status
200
date
Mon, 24 Feb 2020 16:36:00 GMT
server
Apache
x-powered-by
PHP/7.1.33
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=2bd9d7814f214a770c2863819ca3f3fd; path=/
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
300
content-type
text/html; charset=UTF-8

Redirect headers

status
301
date
Mon, 24 Feb 2020 16:36:00 GMT
server
Apache
location
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/
content-length
274
content-type
text/html; charset=iso-8859-1
anonymize.js
s.noreferral.net/oth/nre/script/ 		1 KB
669 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.noreferral.net/oth/nre/script/anonymize.js
Requested by
Host: puregreen24.com
URL: https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681f:58cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7553574effe076dc946606f19b22a543f75f3fbfa576ab2ab1ec435dbb06b45c

Request headers

Referer
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:36:01 GMT
content-encoding
br
cf-cache-status
HIT
age
135833
cf-polished
origSize=1800
status
200
last-modified
Fri, 15 Dec 2017 06:03:22 GMT
server
cloudflare
etag
W/"5a3365aa-708"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Mon, 24 Feb 2020 17:06:01 GMT
cache-control
public, max-age=1800
cf-ray
56a2db26584b0eab-FRA
cf-bgj
minify
Primary Request web0ssl21.php
puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.42.194 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-42-194.ip.secureserver.net
Software
Apache / PHP/7.1.33
Resource Hash
945bc4d404ad5fc2713038a6e913009f359db9e70a67c203607db9702af24b39

Request headers

:method
GET
:authority
puregreen24.com
:scheme
https
:path
/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=2bd9d7814f214a770c2863819ca3f3fd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/

Response headers

status
200
date
Mon, 24 Feb 2020 16:36:01 GMT
server
Apache
x-powered-by
PHP/7.1.33
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
1958
content-type
text/html; charset=UTF-8
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: puregreen24.com
URL: https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 24 Feb 2020 16:36:01 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
access-control-allow-origin
*
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: puregreen24.com
URL: https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 05 Feb 2020 00:56:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1697942
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29707
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 00:56:59 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: puregreen24.com
URL: https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:36:01 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
access-control-allow-origin
*
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
form.js
puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/includes/js/ 		3 KB
786 B 		Script
General
Check archive.org
Download Go to
Full URL
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/includes/js/form.js
Requested by
Host: puregreen24.com
URL: https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.42.194 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-42-194.ip.secureserver.net
Software
Apache /
Resource Hash
bfb168ddfc0b73947c5301535b9772770e9fe321b8496916c5e8843cf83528e4

Request headers

Referer
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:36:01 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 16:36:00 GMT
server
Apache
etag
"958101f-c51-59f54f76918b9-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
681
all.js
use.fontawesome.com/releases/v5.0.6/js/ 		657 KB
278 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.6/js/all.js
Requested by
Host: puregreen24.com
URL: https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1b31afdfd23628d9fb1118e31841278653c4ef36a6d0970c002d43e49b5d1856

Request headers

Referer
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:36:01 GMT
content-encoding
gzip
last-modified
Thu, 25 Jan 2018 22:27:39 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"44f077b456f3decb0d1b00769927c002"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
logo.svg
puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/includes/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/includes/img/logo.svg
Requested by
Host: puregreen24.com
URL: https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.42.194 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-42-194.ip.secureserver.net
Software
Apache /
Resource Hash
8c0b230f7dcf65e2f232a2825bc769fb4dcff96982af865b1f6e72a86f196d2b

Request headers

Referer
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:36:01 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 16:36:00 GMT
server
Apache
etag
"9581017-fea-59f54f768ce81-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
1913
s.js
waust.at/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waust.at/s.js
Requested by
Host: puregreen24.com
URL: https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
cab040fc133814c4dd30f8c70b2dd7d4a7aa5a5f2bc5078b67e4c76c7f715119

Request headers

Referer
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:36:02 GMT
content-encoding
gzip
last-modified
Tue, 18 Feb 2020 17:29:07 GMT
access-control-allow-origin
*
etag
W/"5e4c1ee3-1da0"
content-type
application/x-javascript
status
200
cache-control
max-age=86400, private
expires
Tue, 25 Feb 2020 16:36:02 GMT
loading.gif
puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/includes/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/includes/img/loading.gif
Requested by
Host: puregreen24.com
URL: https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.42.194 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-42-194.ip.secureserver.net
Software
Apache /
Resource Hash
8191e57a7677ccf16deb6ebc3647f80affccdf1cc8ebc5f8e5e432d6007f1792

Request headers

Referer
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:36:02 GMT
last-modified
Mon, 24 Feb 2020 16:36:00 GMT
server
Apache
etag
"9581015-310b-59f54f768c2c9"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
12555
/
whos.amung.us/pingjs/ 		30 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://whos.amung.us/pingjs/?k=zbhcg02ek41&t=Telus%20-%20My%20Account&c=s&y=https%3A%2F%2Fpuregreen24.com%2F.7j8k31c%2F77369e37b2aa1404f416275183ab055f%2F&a=0&d=0.414&v=22&r=3107
Requested by
Host: waust.at
URL: https://waust.at/s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.93 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
fc42d02665e8aba172e11f382b09ac765236fa96bc131e67c4bd64cdaf97c111

Request headers

Referer
https://puregreen24.com/.7j8k31c/77369e37b2aa1404f416275183ab055f/web0ssl21.php?locale=CA&ID=7&ui-action=signIn&ui-id=kMJwtGzhQJTIjapbYznNEyZuoKuQevgel
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
200
date
Mon, 24 Feb 2020 16:36:02 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telus (Telecommunication)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| _wau object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| WAU_ren function| WAU_small function| WAU_small_request function| WAU_r_s function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_cps function| docReady object| x string| x1 string| x2

0 Cookies