curiosidadviral.xyz Open in urlscan Pro
2606:4700:30::681c:1fda Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://curiosidadviral.xyz/
Submission: On December 31 via manual (December 31st 2018, 8:08:37 pm UTC) from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2606:4700:30::681c:1fda, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is curiosidadviral.xyz.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 2nd 2018. Valid for: a year.

This is the only time curiosidadviral.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:30:... 2606:4700:30::681c:1fda	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	185.225.208.133 185.225.208.133	13213 (UK2NET-AS) (UK2NET-AS)
1	107.182.233.217 107.182.233.217	29854 (WESTHOST) (WESTHOST - WestHost)
1	67.202.94.94 67.202.94.94	32748 (STEADFAST) (STEADFAST - Steadfast)
1	104.16.88.26 104.16.88.26	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	208.100.17.184 208.100.17.184	32748 (STEADFAST) (STEADFAST - Steadfast)
1	208.100.17.183 208.100.17.183	32748 (STEADFAST) (STEADFAST - Steadfast)
19	8

7 2606:4700:30::681c:1fda (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

curiosidadviral.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.225.208.133 (None, )

ASN13213 (UK2NET-AS, GB)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.182.233.217 (Providence, United States)

ASN29854 (WESTHOST - WestHost, Inc., US)
PTR: 6bb6e9d9.setaptr.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.94 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.88.26 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 208.100.17.184 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip184.208-100-17.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.183 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip183.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	8 KB
7	curiosidadviral.xyz curiosidadviral.xyz	221 KB
2	amung.us widgets.amung.us whos.amung.us	3 KB
1	dtscout.com t.dtscout.com	379 B
19	4

	Domain	Requested by
7	ic.tynt.com	curiosidadviral.xyz
7	curiosidadviral.xyz	curiosidadviral.xyz
1	de.tynt.com	cdn.tynt.com
1	cdn.tynt.com	widgets.amung.us
1	whos.amung.us	widgets.amung.us
1	t.dtscout.com	widgets.amung.us
1	widgets.amung.us	curiosidadviral.xyz
19	7

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-11-02` - `2019-11-02`	a year	crt.sh
whos.amung.us GeoTrust EV RSA CA 2018	`2018-03-09` - `2020-05-25`	2 years	crt.sh
*.dtscout.com RapidSSL RSA CA 2018	`2018-10-10` - `2019-11-04`	a year	crt.sh
*.tynt.com COMODO RSA Domain Validation Secure Server CA	`2014-10-14` - `2019-10-13`	5 years	crt.sh

This page contains 1 frames:

Primary Page: https://curiosidadviral.xyz/
Frame ID: C87AAEF6463353B5502A8DECD7AAD8E5
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Page Statistics

19
Requests

100 %
HTTPS

14 %
IPv6

4
Domains

7
Subdomains

8
IPs

2
Countries

232 kB
Transfer

503 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response curiosidadviral.xyz/	3 KB 1 KB	1180ms 1155ms	Document text/html	2606:4700:30::681c:1fda Cloudflare
General Check archive.org Show headers Download Go to Full URL https://curiosidadviral.xyz/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::681c:1fda , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.39 Resource Hash `181450b7f553b92f616b73ddf8ccee72db0137167fd353d835bd027ea4ccf490` Request headers :method GET :authority curiosidadviral.xyz :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 date Mon, 31 Dec 2018 20:08:19 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d136166f0e97d0b7444577be040b2cde81546286897; expires=Tue, 31-Dec-19 20:08:17 GMT; path=/; domain=.curiosidadviral.xyz; HttpOnly PHPSESSID=jrj5u4epq0t6ft25ttufi87vm7; path=/ x-powered-by PHP/5.6.39 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 491f60985ae5c292-FRA content-encoding br
GET H2	200	tSOgnJdhTc3.css curiosidadviral.xyz/css/	29 KB 8 KB	649ms 648ms	Stylesheet text/css	2606:4700:30::681c:1fda Cloudflare
General Check archive.org Show headers Download Go to Full URL https://curiosidadviral.xyz/css/tSOgnJdhTc3.css Requested by Host: curiosidadviral.xyz URL: https://curiosidadviral.xyz/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::681c:1fda , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `c163da4fd68d9d9c1ab31a31519dc86ba750c5a8e77d9dda1542465b734b3452` Request headers :path /css/tSOgnJdhTc3.css pragma no-cache cookie __cfduid=d136166f0e97d0b7444577be040b2cde81546286897; PHPSESSID=jrj5u4epq0t6ft25ttufi87vm7 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority curiosidadviral.xyz referer https://curiosidadviral.xyz/ :scheme https :method GET Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 31 Dec 2018 20:08:19 GMT content-encoding br cf-cache-status MISS last-modified Tue, 07 Nov 2017 19:28:10 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-ray 491f609f9a1fc292-FRA expires Tue, 01 Jan 2019 00:08:19 GMT
GET H2	200	9an7U6cZys0.css curiosidadviral.xyz/css/	67 KB 15 KB	817ms 816ms	Stylesheet text/css	2606:4700:30::681c:1fda Cloudflare
General Check archive.org Show headers Download Go to Full URL https://curiosidadviral.xyz/css/9an7U6cZys0.css Requested by Host: curiosidadviral.xyz URL: https://curiosidadviral.xyz/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::681c:1fda , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `8061ae36bab57320130dece21e75f5ac71e902121eadb126ca960e3654bab577` Request headers :path /css/9an7U6cZys0.css pragma no-cache cookie __cfduid=d136166f0e97d0b7444577be040b2cde81546286897; PHPSESSID=jrj5u4epq0t6ft25ttufi87vm7 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority curiosidadviral.xyz referer https://curiosidadviral.xyz/ :scheme https :method GET Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 31 Dec 2018 20:08:19 GMT content-encoding br cf-cache-status MISS last-modified Tue, 07 Nov 2017 19:28:10 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-ray 491f609f9a21c292-FRA expires Tue, 01 Jan 2019 00:08:19 GMT
GET H2	200	style.css curiosidadviral.xyz/css/	1 KB 529 B	638ms 637ms	Stylesheet text/css	2606:4700:30::681c:1fda Cloudflare
General Check archive.org Show headers Download Go to Full URL https://curiosidadviral.xyz/css/style.css Requested by Host: curiosidadviral.xyz URL: https://curiosidadviral.xyz/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::681c:1fda , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b7dabddbb7403834f5bdb7919f2be9f382965618347f1147ad24a6fdc8273150` Request headers :path /css/style.css pragma no-cache cookie __cfduid=d136166f0e97d0b7444577be040b2cde81546286897; PHPSESSID=jrj5u4epq0t6ft25ttufi87vm7 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority curiosidadviral.xyz referer https://curiosidadviral.xyz/ :scheme https :method GET Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 31 Dec 2018 20:08:19 GMT content-encoding br cf-cache-status MISS last-modified Tue, 07 Nov 2017 19:28:10 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-ray 491f609f9a22c292-FRA expires Tue, 01 Jan 2019 00:08:19 GMT
GET H2	200	fEZ5x2OZgwl.js Show response curiosidadviral.xyz/js/	248 KB 67 KB	1118ms 1117ms	Script application/javascript	2606:4700:30::681c:1fda Cloudflare
General Check archive.org Show headers Download Go to Full URL https://curiosidadviral.xyz/js/fEZ5x2OZgwl.js Requested by Host: curiosidadviral.xyz URL: https://curiosidadviral.xyz/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::681c:1fda , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `56b3a78bf4df13e8416cb28e5f1bfa7749c6f27cf7d87cfec5a445eb8d1dbc6d` Request headers :path /js/fEZ5x2OZgwl.js pragma no-cache cookie __cfduid=d136166f0e97d0b7444577be040b2cde81546286897; PHPSESSID=jrj5u4epq0t6ft25ttufi87vm7 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority curiosidadviral.xyz referer https://curiosidadviral.xyz/ :scheme https :method GET Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 31 Dec 2018 20:08:20 GMT content-encoding br cf-cache-status MISS last-modified Tue, 07 Nov 2017 19:28:10 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=14400 cf-ray 491f609f9a24c292-FRA expires Tue, 01 Jan 2019 00:08:19 GMT
GET H2	200	backwards.js Show response curiosidadviral.xyz/js/	4 KB 1 KB	633ms 632ms	Script application/javascript	2606:4700:30::681c:1fda Cloudflare
General Check archive.org Show headers Download Go to Full URL https://curiosidadviral.xyz/js/backwards.js Requested by Host: curiosidadviral.xyz URL: https://curiosidadviral.xyz/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::681c:1fda , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `7f2c5fd18a0e9dacaea6c319d251c5ccf57b7b7f4a922e9ffa12c8c48b0e679a` Request headers :path /js/backwards.js pragma no-cache cookie __cfduid=d136166f0e97d0b7444577be040b2cde81546286897; PHPSESSID=jrj5u4epq0t6ft25ttufi87vm7 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority curiosidadviral.xyz referer https://curiosidadviral.xyz/ :scheme https :method GET Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 31 Dec 2018 20:08:19 GMT content-encoding br cf-cache-status MISS last-modified Sat, 08 Dec 2018 15:50:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=14400 cf-ray 491f609f9a27c292-FRA expires Tue, 01 Jan 2019 00:08:19 GMT
GET H2	200	logo.png curiosidadviral.xyz/img/	127 KB 127 KB	1243ms 1242ms	Image image/png	2606:4700:30::681c:1fda Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://curiosidadviral.xyz/img/logo.png Requested by Host: curiosidadviral.xyz URL: https://curiosidadviral.xyz/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::681c:1fda , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `479cb91730eef777856825b3a30f19536770ed45c7120117de44e56b7db826c6` Request headers :path /img/logo.png pragma no-cache cookie __cfduid=d136166f0e97d0b7444577be040b2cde81546286897; PHPSESSID=jrj5u4epq0t6ft25ttufi87vm7 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority curiosidadviral.xyz referer https://curiosidadviral.xyz/ :scheme https :method GET Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 31 Dec 2018 20:08:20 GMT cf-cache-status MISS last-modified Tue, 07 Nov 2017 19:28:10 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=14400 accept-ranges bytes cf-ray 491f609f9a28c292-FRA content-length 129841 expires Tue, 01 Jan 2019 00:08:19 GMT
GET H2	200	small.js Show response widgets.amung.us/	7 KB 3 KB	152ms 7ms	Script application/x-javascript	185.225.208.133 UK2NET-AS
General Check archive.org Show headers Download Go to Full URL https://widgets.amung.us/small.js Requested by Host: curiosidadviral.xyz URL: https://curiosidadviral.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.225.208.133 -, , ASN13213 (UK2NET-AS, GB), Reverse DNS Software / Resource Hash `9f81a2afebdf1ec72e08319d558c018615dfbc323b4faa9b5f72e125cbbd462a` Request headers Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 31 Dec 2018 20:08:19 GMT content-encoding gzip last-modified Mon, 10 Dec 2018 18:29:40 GMT access-control-allow-origin * etag W/"5c0eb094-1a20" content-type application/x-javascript status 200 cache-control max-age=86400, private expires Tue, 01 Jan 2019 20:08:19 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/i/	17 B 379 B	510ms 165ms	Script application/javascript	107.182.233.217 WestHost
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/i/?l=https%3A%2F%2Fcuriosidadviral.xyz%2F&j= Requested by Host: widgets.amung.us URL: https://widgets.amung.us/small.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.182.233.217 Providence, United States, ASN29854 (WESTHOST - WestHost, Inc., US), Reverse DNS 6bb6e9d9.setaptr.net Software nginx/1.10.3 (Ubuntu) / Resource Hash `37c5cbe8ad795a530c7ad3e2a3574a4f9038c3fc10fc48ca4c1c74ed9ffdc6a4` Request headers Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 31 Dec 2018 20:08:20 GMT Server nginx/1.10.3 (Ubuntu) X-Z I Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Connection close Expires Mon, 31 Dec 2018 20:08:19 GMT
GET H2	200	/ Show response whos.amung.us/pingjs/	29 B 162 B	345ms 112ms	Script text/javascript	67.202.94.94 Steadfast
General Check archive.org Show headers Download Go to Full URL https://whos.amung.us/pingjs/?k=2p1ums304y&t=Facebook%20Videos&c=s&y=&a=-1&d=2.346&v=22&r=9530 Requested by Host: widgets.amung.us URL: https://widgets.amung.us/small.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 67.202.94.94 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS amung.us Software / Resource Hash `b15535b55e6f79b9fcc8a722c78ad3ab01c9f0d966d38bf48a8aa33c5aec721c` Request headers Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 date Mon, 31 Dec 2018 20:08:20 GMT content-encoding gzip content-type text/javascript;charset=UTF-8
GET H2	200	tc.js Show response cdn.tynt.com/	15 KB 6 KB	58ms 20ms	Script application/javascript	104.16.88.26 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.tynt.com/tc.js Requested by Host: widgets.amung.us URL: https://widgets.amung.us/small.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.16.88.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `4f019b3e38098b74d98fb909e1add41a2c4208bfa59db027818fcbd0e187f763` Request headers Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 31 Dec 2018 20:08:20 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 10 Dec 2018 17:12:01 GMT server cloudflare etag W/"5c0e9e61-3ddc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=259200 cf-ray 491f60a948bcbf57-AMS expires Thu, 03 Jan 2019 20:08:20 GMT
GET DATA	200 OK	truncated /	439 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac` Request headers Response headers Content-Type image/gif
GET H2	204	p ic.tynt.com/b/	0 286 B	344ms 120ms	Image text/plain	208.100.17.184 Steadfast
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!2p1ums304y&lm=0&ts=1546286900700&dn=TC&iso=0&t=Facebook%20Videos Requested by Host: curiosidadviral.xyz URL: https://curiosidadviral.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS ip184.208-100-17.static.steadfastdns.net Software nginx/1.14.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 204 date Mon, 31 Dec 2018 20:08:20 GMT server nginx/1.14.0 p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
GET H2	200	v2 Show response de.tynt.com/deb/	4 B 199 B	346ms 122ms	Script application/javascript	208.100.17.183 Steadfast
General Check archive.org Show headers Download Go to Full URL https://de.tynt.com/deb/v2?id=w!2p1ums304y&dn=TC&cc=1&r= Requested by Host: cdn.tynt.com URL: https://cdn.tynt.com/tc.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.183 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS ip183.208-100-17.static.steadfastdns.net Software / Resource Hash `d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179` Request headers Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 date Mon, 31 Dec 2018 20:08:20 GMT cache-control max-age=86400 expires Tue, 01 Jan 2019 20:08:21 GMT p3p CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA content-length 4 content-type application/javascript
GET H2	204	p ic.tynt.com/b/	0 123 B	108ms 108ms	Image text/plain	208.100.17.184 Steadfast
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!2p1ums304y&lm=0&ts=1546286900700&dn=TC&iso=0&t=Facebook%20Videos Requested by Host: curiosidadviral.xyz URL: https://curiosidadviral.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS ip184.208-100-17.static.steadfastdns.net Software nginx/1.14.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 204 date Mon, 31 Dec 2018 20:08:21 GMT server nginx/1.14.0 p3p CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
GET H2	204	p ic.tynt.com/b/	0 123 B	108ms 108ms	Image text/plain	208.100.17.184 Steadfast
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!2p1ums304y&lm=0&ts=1546286900700&dn=TC&iso=0&t=Facebook%20Videos Requested by Host: curiosidadviral.xyz URL: https://curiosidadviral.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS ip184.208-100-17.static.steadfastdns.net Software nginx/1.14.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 204 date Mon, 31 Dec 2018 20:08:21 GMT server nginx/1.14.0 p3p CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
GET H2	204	p ic.tynt.com/b/	0 123 B	110ms 110ms	Image text/plain	208.100.17.184 Steadfast
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!2p1ums304y&lm=0&ts=1546286900700&dn=TC&iso=0 Requested by Host: curiosidadviral.xyz URL: https://curiosidadviral.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS ip184.208-100-17.static.steadfastdns.net Software nginx/1.14.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 204 date Mon, 31 Dec 2018 20:08:21 GMT server nginx/1.14.0 p3p CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
GET H2	204	p ic.tynt.com/b/	0 123 B	110ms 110ms	Image text/plain	208.100.17.184 Steadfast
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!2p1ums304y&lm=0&ts=1546286900700&dn=TC&iso=0 Requested by Host: curiosidadviral.xyz URL: https://curiosidadviral.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS ip184.208-100-17.static.steadfastdns.net Software nginx/1.14.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 204 date Mon, 31 Dec 2018 20:08:21 GMT server nginx/1.14.0 p3p CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
GET H2	204	p ic.tynt.com/b/	0 123 B	112ms 112ms	Image text/plain	208.100.17.184 Steadfast
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!2p1ums304y&lm=0&ts=1546286900700&dn=TC&iso=0 Requested by Host: curiosidadviral.xyz URL: https://curiosidadviral.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS ip184.208-100-17.static.steadfastdns.net Software nginx/1.14.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 204 date Mon, 31 Dec 2018 20:08:21 GMT server nginx/1.14.0 p3p CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
GET H2	204	p ic.tynt.com/b/	0 123 B	109ms 109ms	Image text/plain	208.100.17.184 Steadfast
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!2p1ums304y&lm=0&ts=1546286900700&dn=TC&iso=0 Requested by Host: curiosidadviral.xyz URL: https://curiosidadviral.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS ip184.208-100-17.static.steadfastdns.net Software nginx/1.14.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://curiosidadviral.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 204 date Mon, 31 Dec 2018 20:08:21 GMT server nginx/1.14.0 p3p CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			curiosidadviral.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: jrj5u4epq0t6ft25ttufi87vm7
			.curiosidadviral.xyz/	1970-01-19 06:17:02	Name: __cfduid Value: d136166f0e97d0b7444577be040b2cde81546286897

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tynt.com
curiosidadviral.xyz
de.tynt.com
ic.tynt.com
t.dtscout.com
whos.amung.us
widgets.amung.us
104.16.88.26
107.182.233.217
185.225.208.133
208.100.17.183
208.100.17.184
2606:4700:30::681c:1fda
67.202.94.94
181450b7f553b92f616b73ddf8ccee72db0137167fd353d835bd027ea4ccf490
37c5cbe8ad795a530c7ad3e2a3574a4f9038c3fc10fc48ca4c1c74ed9ffdc6a4
479cb91730eef777856825b3a30f19536770ed45c7120117de44e56b7db826c6
4f019b3e38098b74d98fb909e1add41a2c4208bfa59db027818fcbd0e187f763
56b3a78bf4df13e8416cb28e5f1bfa7749c6f27cf7d87cfec5a445eb8d1dbc6d
7f2c5fd18a0e9dacaea6c319d251c5ccf57b7b7f4a922e9ffa12c8c48b0e679a
8061ae36bab57320130dece21e75f5ac71e902121eadb126ca960e3654bab577
9f81a2afebdf1ec72e08319d558c018615dfbc323b4faa9b5f72e125cbbd462a
b15535b55e6f79b9fcc8a722c78ad3ab01c9f0d966d38bf48a8aa33c5aec721c
b7dabddbb7403834f5bdb7919f2be9f382965618347f1147ad24a6fdc8273150
c163da4fd68d9d9c1ab31a31519dc86ba750c5a8e77d9dda1542465b734b3452
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

curiosidadviral.xyz Open in urlscan Pro 2606:4700:30::681c:1fda Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

14 %IPv6

4 Domains

7 Subdomains

8 IPs

2 Countries

232 kBTransfer

503 kBSize

2 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

35 JavaScript Global Variables

2 Cookies

Indicators

curiosidadviral.xyz Open in urlscan Pro
2606:4700:30::681c:1fda Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

14 %
IPv6

4
Domains

7
Subdomains

8
IPs

2
Countries

232 kB
Transfer

503 kB
Size

2
Cookies

19 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!